Nginx Configuration for WordPress Multisite

January 11, 2019 1.3k views
Nginx WordPress Ubuntu 18.04

Hi,

I have installed WordPress Multisite on Nginx - Ubuntu 18.04. Also installed Cloudflare SSL.

This is my /etc/nginx/sites-available/example-net configuration:

server {
listen 443;

charset UTF-8;

ssl on;
ssl_certificate /etc/cloudflare-ssl/example-com.pem;
ssl_certificate_key /etc/cloudflare-ssl/secretkey-example-com.key;
include /etc/cloudflare-ssl/options-ssl-nginx.conf;
ssl_client_certificate /etc/nginx/cloudflare.crt;
ssl_verify_client on;

root /var/www/html;
index index.php index.html index.htm;
server_name example.net www.example.net;
client_max_body_size 0;

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;

location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}

location ~* \.php$ {
if ($uri !~ "^/uploads/") {
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}

# REMOVE THIS LATER
add_header  X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";

# X-XSS Protection
add_header X-XSS-Protection "1; mode=block";

# Add support for subdirectory structure in WordPress Multisite
if (!-e $request_filename) {
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;  
    rewrite ^(/[^/]+)?(/wp-.*) $2 last;                     
    rewrite ^(/[^/]+)?(/.*.php) $2 last;                   
}

# W3 Total Cache Plugin
include /var/www/html/nginx.conf;
location = /nginx.conf {
deny all;
}

# Deny access to uploads that are not images, videos, music, etc.
location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php|js|swf)$ {
    deny all;
}

# Deny public access to wp-config.php
location ~* wp-config.php {
    deny all;
}

# Block access to xmlrpc.php
location = /xmlrpc.php {
    deny all;
    access_log off;
    log_not_found off;
}

# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
    deny all;
}

}

server {
    if ($host = www.example.net) {
        return 301 https://example.net$request_uri;
    } # managed by Certbot


    if ($host = example.net) {
        return 301 https://example.net$request_uri;
    } # managed by Certbot

listen 80;
server_name example.net www.example.net;
    return 404; # managed by Certbot

}

But it is not correct I guess. For example: Although I have added “add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive”;“ above, it is not displayed on http header.

What is the issue?

Thank you,
Best regards.

Be the first one to answer this question.