wordpress.conf

upstream memcached-servers {
    server memcached:11211;
}

server {
    listen   80; ## listen for ipv4; this line is default and implied
    listen   [::]:80 default ipv6only=on; ## listen for ipv6
    listen   443 ssl http2;
    listen   [::]:443 ipv6only=on ssl http2;
    server_name wordpress.example.com;

    keepalive_timeout  5 5;
    proxy_buffering    off;

    # Enable SSL
    #ssl on;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;
    ssl_session_timeout 5m;
    
    # Strong SSL Security
    # https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    
    # allow large uploads
    client_max_body_size 4G;

    # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
    chunked_transfer_encoding on;

    charset UTF-8;
    root /var/www/html;
    index index.php index.html index.htm;

    server_name localhost;

    location / {
            try_files $uri $uri/ @memcached;
            proxy_http_version 1.1;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
            expires 24h;
            log_not_found off;
    }

    # redirect server error pages to the static page /50x.html
    #
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root /var/www/html;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ (\.php) {
        try_files $uri =404;
        fastcgi_index                           index.php;
        fastcgi_connect_timeout                 10;
        fastcgi_send_timeout                    180;
        fastcgi_read_timeout                    180;
        fastcgi_buffer_size                     512k;
        fastcgi_buffers                         4       256k;
        fastcgi_busy_buffers_size               512k;
        fastcgi_temp_file_write_size            512k;
        fastcgi_intercept_errors                on;
        fastcgi_split_path_info                 ^(.+\.php)(/.*)$;
        fastcgi_keep_conn                       on;

        fastcgi_param   QUERY_STRING            $query_string;
        fastcgi_param   REQUEST_METHOD          $request_method;
        fastcgi_param   CONTENT_TYPE            $content_type;
        fastcgi_param   CONTENT_LENGTH          $content_length;
        fastcgi_param   SCRIPT_FILENAME         $document_root$fastcgi_script_name;
        fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
        fastcgi_param   REQUEST_URI             $request_uri;
        fastcgi_param   DOCUMENT_URI            $document_uri;
        fastcgi_param   DOCUMENT_ROOT           $document_root;
        fastcgi_param   SERVER_PROTOCOL         $server_protocol;
        fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
        fastcgi_param   SERVER_SOFTWARE         nginx;
        fastcgi_param   REMOTE_ADDR             $remote_addr;
        fastcgi_param   REMOTE_PORT             $remote_port;
        fastcgi_param   SERVER_ADDR             $server_addr;
        fastcgi_param   SERVER_PORT             $server_port;
        fastcgi_param   SERVER_NAME             $server_name;
        fastcgi_param   PATH_INFO               $fastcgi_path_info;
        fastcgi_param   PATH_TRANSLATED         $document_root$fastcgi_path_info;
        fastcgi_param   REDIRECT_STATUS         200;

        # uncomment these for HTTPS usage
        #fastcgi_param  HTTPS                   $https if_not_empty;
        #fastcgi_param  SSL_PROTOCOL            $ssl_protocol if_not_empty;
        #fastcgi_param  SSL_CIPHER              $ssl_cipher if_not_empty;
        #fastcgi_param  SSL_SESSION_ID          $ssl_session_id if_not_empty;
        #fastcgi_param  SSL_CLIENT_VERIFY       $ssl_client_verify if_not_empty;

        fastcgi_pass wordpress:9000;
    }

    # try to get result from memcached
    location @memcached {
        default_type text/html;
        set $memcached_key data-$scheme://$host$request_uri;
        set $memcached_request 1;

        # exceptions
        # avoid cache serve of POST requests
        if ($request_method = POST ) {
            set $memcached_request 0;
        }

        # avoid cache serve of wp-admin-like pages, starting with "wp-"
        if ( $uri ~ "/wp-" ) {
            set $memcached_request 0;
        }

        # avoid cache serve of any URL with query strings
        if ( $args ) {
            set $memcached_request 0;
        }

        if ($http_cookie ~* "comment_author_|wordpressuser_|wp-postpass_|wordpress_logged_in_" ) {
            set $memcached_request 0;
        }


        if ( $memcached_request = 1) {
            add_header X-Cache-Engine "WP-FFPC with memcache via nginx";
            memcached_pass memcached-servers;
            error_page 404 = @rewrites;
        }

        if ( $memcached_request = 0) {
            rewrite ^ /index.php last;
        }
    }

    location @rewrites {
        add_header X-Cache-Engine "No cache";
        rewrite ^ /index.php last;
    }

}