domain.com.nginx

server {
    listen       8080;
    server_name  domain.com www.domain.com v1.domain.com v2.domain.com v3.domain.com v4.domain.com v5.domain.com;
    return 301 https://domain.com$request_uri;
    rewrite ^(.*) https://domain.com$1 permanent;
    port_in_redirect off;
    autoindex on;
    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;
    error_log               /home/nginx/domain.com/log/error.log      error;
    #root   /usr/share/nginx/html;
    root   /home/nginx/domain.com/public_html;
    location / {
        #root   /usr/share/nginx/html;
        #index  index.html index.htm;
    try_files $uri $uri/ /index.php?$args;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    include /etc/nginx/conf.d/php.conf;
    include /etc/nginx/conf.d/staticfiles.conf;
    include /etc/nginx/conf.d/block.conf;
    include /home/nginx/domain.com/public_html/nginx.conf;

rewrite ^/(.*)-([0-9]+)x([0-9]+)?\.((?i)jpeg|jpg|png|gif) /wp-content/plugins/wp-performance-pack/serve-dynamic-images.php break;
set $cache_uri $request_uri;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
        set $cache_uri 'null cache';
}
if ($query_string != "") {
        set $cache_uri 'null cache';
}

# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
        set $cache_uri 'null cache';
}

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
        set $cache_uri 'null cache';
}
}


server {
listen 8443 ssl http2;
server_name domain.com www.domain.com v1.domain.com v2.domain.com v3.domain.com v4.domain.com v5.domain.com;
keepalive_timeout 30;

ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
ssl_stapling on;
root /home/nginx/domain.com/public_html;


location / {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$uri&$args;
            proxy_pass http://127.0.0.1:80;
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header X-Forwarded-Port 443;
            proxy_set_header Host $host;

access_log off;
# access_log /home/nginx/domain.com/logs/access.log;
error_log off;
# error_log /home/nginx/domain.com/log/error.log;
root /home/nginx/domain.com/public_html;
index index.php index.html index.htm;

location / {
try_files $uri $uri/ /index.php?$args;
}

location ~* \.php$ {
    fastcgi_index   index.php;
    fastcgi_pass    127.0.0.1:9000;
    #fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
    include         fastcgi_params;
    fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
    fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;

    # Thiết lập timeout cho proxy
#    fastcgi_connect_timeout 60;
#    fastcgi_send_timeout 180;
#    fastcgi_read_timeout 180;
#    fastcgi_buffer_size 512k;
#    fastcgi_buffers 512 16k;
#    fastcgi_busy_buffers_size 512k;
#    fastcgi_temp_file_write_size 512k;
#    fastcgi_intercept_errors on;
}

#location ~ \.php$ {
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#include /etc/nginx/fastcgi_params;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_index index.php;
#fastcgi_connect_timeout 300;
#fastcgi_send_timeout 300;
#fastcgi_read_timeout 300;
#fastcgi_buffer_size 32k;
#fastcgi_buffers 8 16k;
#fastcgi_busy_buffers_size 32k;
#fastcgi_temp_file_write_size 32k;
#fastcgi_intercept_errors on;
#fastcgi_param SCRIPT_FILENAME /home/nginx/domain.com/public_html$fastcgi_script_name;
#}
location ~ /\. {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
gzip_static off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
expires 30d;
break;
}

location ~* \.(txt|js|css)$ {
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
expires 30d;
break;
}
}
}