I feel something needs to be addressed so Nginx will select more than one location block for processing a request.
Let's say I'm running Nginx in front of Apache and I want to secure the WordPress login page :
location ~* wp-login.php {
allow 22.131.12.14;
deny all;
include /usr/local/etc/nginx/proxypass.conf;
proxy_pass http://127.0.0.1:80;
}
The problem here is that ALL static content (css, js, images, etc) for that PHP page (or directory) is now being handled by Apache as well. This really slows everything down (especially under high loads).
It would be nice to have an option we can set to say 'hey process this location block - then look ahead and process any other matches'. For example :
location > wp-login.php {
allow 22.131.12.14;
deny all;
}
# Pass off php requests to Apache
location ~* \.php {
include /usr/local/etc/nginx/proxypass.conf;
proxy_pass http://127.0.0.1:80;
}
# Serve static files directly from nginx
location ~* \.(jpg|jpeg|gif|png|bmp|ico|pdf|flv|swf|exe|html|htm|css|js)$ {
expires 365d;
etag on;
}
Then we'd only need one location block to handle the php files - and one to handle the static images for the entire site.
This way, we can keep the vhost files clean and make it much easier for us to set allow / deny rules, charsets, headers, e-tags, etc to certain directories or files without having to pile in (in my opinion) a lot of redundant code.
Thank you for listening.
Edited 1 time(s). Last edit at 07/12/2014 12:08AM by Mayhem30.