Hi. I wanted to enable ssl on nginx for using to login to wordpress and the admin panel.
I have a ssl certifcate that uses secure.DOMAIN.com. My Wordpress configuration is with Network enabled. http://codex.wordpress.org/Create_A_Network#Apache_Virtual_Hosts_and_Mod_Rewrite.
The website works like this:
www.DOMAIN.com (Main blog, points to others blogs)
subdomain1.DOMAIN.com (blog 1)
sub2.DOMAIN.com (blog 2)
What I want to force is a secure SSL connection for login in and administration for each subdomain. http://codex.wordpress.org/Administration_Over_SSL
How do I change the configuration in nginx to work like that?
Here is my current nginx.conf and website.conf files.
nginx.conf file:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush off;
tcp_nodelay on;
keepalive_timeout 30;
client_body_buffer_size 1K;
client_header_buffer_size 1k;
client_max_body_size 12M;
large_client_header_buffers 2 1k;
gzip on;
gzip_comp_level 2;
gzip_http_version 1.1;
gzip_vary on;
gzip_proxied any;
gzip_types text/plain text/css image/x-icon image/png image/jpg image/jpeg text/js text/php application/xhtml application/xhtml+xml;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6].(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
}
website.conf file:
server {
server_name www.domain.com secure.domain.com *.domain.com;
root /www/domain.com;
index index.php index.html;
error_page 404 = @wordpress;
log_not_found off;
location ^~ /files/ {
rewrite /files/(.+) /wp-includes/ms-files.php?file=$1 last;
}
location @wordpress {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
include fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Rewrite minified CSS and JS files
rewrite ^/wp-content/w3tc/min/([a-f0-9]+)\/(.+)\.(include(\-(footer|body))?(-nb)?)\.[0-9]+\.(css|js)$ /wp-content/w3tc/min/index.php?tt=$1&gg=$2&g=$3&t=$7 last;
set $cache_uri $request_uri;
if ($request_method = POST) {
set $cache_uri 'no cache';
}
if ($query_string != "") {
set $cache_uri 'no cache';
}
if ($request_uri ~* "(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php|wp\-comments\-popup\.php|wp\-links\-opml\.php|wp\-locations\.php)") {
set $cache_uri "no cache";
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp\-postpass|wordpress_logged_in") {
set $cache_uri 'no cache';
}
location / {
try_files /wp-content/w3tc/pgcache/$cache_uri/_index.html $uri $uri/ /index.php;
}
location ~* \.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
try_files $uri =404;
expires max;
access_log off;
}
location ~* /\.ht {
deny all;
access_log off;
log_not_found off;
}
location ~ \.php$ {
try_files $uri @wordpress;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /blogs.dir/ {
internal;
root /home/domain.com/wp-content;
}
}
server {
listen 443;
server_name www.domain.com secure.domain.com *.domain.com;
ssl on;
ssl_certificate /etc/ssl/domain_com/domain_com.crt;
ssl_certificate_key /etc/ssl/domain_com/domain_com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
