Nginx Configuration for WordPress with HTTPS Enabled

Few days back I switched back to WordPress from static site generator Hugo. On my server I am using Nginx as web-server though I am more familiar with Apache Web Server (Now I can’t remember exactly why I switched to Nginx?!). I am using LetsEncrypt SSL certificates and always redirect regular HTTP traffic to HTTPS.

So, here is the Nginx configuration I used for my WordPress installation. It redirects all non-HTTPS to HTTP. Please replace <webroot> and <domain> in this template with your corresponding values.

server {
        listen 443 ssl;
        listen 80;

        root <webroot>;
        index index.php index.html index.htm;

        server_name <domain>;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
        
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }
        
        location / {
                # This is cool because no php is touched for static content.
                # include the "?$args" part so non-default permalinks doesn't break when using query string
                try_files $uri $uri/ /index.php?$args;
        }
        
        location ~ \.php$ {
                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                include fastcgi.conf;
                fastcgi_intercept_errors on;
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
        
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }
        
        ssl_certificate     /etc/letsencrypt/live/<domain>/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
}

server {
        root <webroot>;
        index index.php index.html index.htm;

        server_name <domain>;

        rewrite     ^ $scheme://<domain>$request_uri permanent;
}

Also please ensure the SSL certificate and key path are correct for your environment.

Leave a comment

Your email address will not be published. Required fields are marked *