怎么使用Nginx缓存加速WordPress站点

WordPress站点程序,尝试过安装各种缓存插件(super cache, w3 total cache等)加速运行,但是低配的vps依然难以支持这么大的访问量。通过日志可以看到随着访问量的增加,php-fpm进程增多,Mysql的连接和线程增多,接着出现OOM,然后系统kill掉占用内存最大的Mysql进程,于是网站进入503宕机模式。

买更好的vps能解决访问量大的问题,但是要花更多的钱。做为一个技术宅,首先想到的当然是如何榨干现有机器来支撑大流量。做过的尝试包括切换到比WordPress性能更好的Ghost,参考:尝试Ghost 。但是相对于WordPress,Ghost的生态远没有那么成熟,最终放弃了。

左思右想下,终极解决办法是用Nginx缓存,最初的文章可参考:Nginx配置fastcgi cache。fastcgi_cache的好处是大部分用户的请求不用后端php-fpm打交道,直接发送缓存的静态页面,速度上甩各种WordPress插件好几条街!相比之下wordpress的各种插件还要执行php,也避免不了访问数据库,弱爆了!

自从使用了nginx缓存,网站平稳运行,再也没有出现过宕机的现象。同时vps的cpu和内存占用率直线下降,再也无需担心vps的配置问题,感觉再来10倍流量博客也撑得住!

因为nginx稳如狗的体验,所以现在对于博客类读多写少的产品都是强推nginx缓存(fastcgi缓存或者proxy缓存)。鉴于可能帮到一些网友,现贴出 /etc/nginx/nginx.conf 配置文件供大家参考(包含ssl设置和gzip部分):

# 文件: /etc/nginx/nginx.conf

 

# For more information on configuration, see:

#   * Official English Documentation: http://nginx.org/en/docs/

#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;

worker_processes auto;

error_log /var/log/nginx/error.log;

pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.

include /usr/share/nginx/modules/*.conf;

events {

worker_connections 1024;

}

http {

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for" "$request_time"';

access_log  /var/log/nginx/access.log  main buffer=32k flush=30s;

server_tokens       off;

client_max_body_size 100m;

sendfile            on;

tcp_nopush          on;

tcp_nodelay         on;

keepalive_timeout   65;

types_hash_max_size 2048;

include             /etc/nginx/mime.types;

default_type        application/octet-stream;

# ssl配置

ssl_protocols TLSv1.2 TLSv1.3;

ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;

ssl_ecdh_curve secp384r1;

ssl_prefer_server_ciphers on;

ssl_session_cache shared:SSL:10m;

ssl_session_timeout 10m;

ssl_session_tickets off;

ssl_stapling on; # Requires nginx >= 1.3.7

ssl_stapling_verify on; # Requires nginx => 1.3.7

add_header Strict-Transport-Security "max-age=63072000; preload";

#add_header X-Frame-Options DENY;

add_header X-Frame-Options SAMEORIGIN;

add_header X-Content-Type-Options nosniff;

add_header X-XSS-Protection "1; mode=block";

# 请按照自己的需求更改

fastcgi_cache_path /var/cache/nginx/tlanyan levels=1:2 keys_zone=tlanyan:10m inactive=30m use_temp_path=off;

fastcgi_cache_key $request_method$scheme$host$request_uri;

# note: can also use HTTP headers to form the cache key, e.g.

#fastcgi_cache_key $scheme$request_method$host$request_uri$http_x_custom_header;

#fastcgi_cache_lock on;

fastcgi_cache_use_stale error timeout invalid_header updating http_500;

fastcgi_cache_valid 200 301 302 10h;

fastcgi_cache_valid 404 10m;

fastcgi_ignore_headers Expires Set-Cookie Vary;

# gzip 配置

gzip on;

gzip_min_length  1k;

gzip_buffers     4 16k;

gzip_comp_level 7;

gzip_types

text/css

text/plain

text/javascript

application/javascript

application/json

application/x-javascript

application/xml

application/xml+rss

application/xhtml+xml

application/x-font-ttf

application/x-font-opentype

application/vnd.ms-fontobject

image/svg+xml

image/x-icon

application/rss+xml

application/atom_xml

image/jpeg

image/gif

image/png

image/icon

image/bmp

image/jpg;

gzip_vary on;

# Load modular configuration files from the /etc/nginx/conf.d directory.

# See http://nginx.org/en/docs/ngx_core_module.html#include

# for more information.

include /etc/nginx/conf.d/*.conf;

}

以及用于WordPress站点的网站配置文件(/etc/nginx/conf.d/tlanyan.conf):

server {

 

listen 80;

listen [::]:80;

server_name www.tlanyan.me tlanyan.me; # 请换成自己的域名

rewrite ^(.*) https://$server_name$1 permanent;

}

server {

listen       443 ssl http2;

listen       [::]:443 ssl http2;

server_name www.tlanyan.me tlanyan.me; # 请换成自己的域名

charset utf-8;

ssl_certificate /etc/nginx/conf.d/tlanyan.pem;  # 请换成自己的证书和密钥

ssl_certificate_key /etc/nginx/conf.d/tlanyan.key;

set $host_path "/var/www/tlanyan";  # 请改成自己的路径

access_log  /var/log/nginx/tlanyan.access.log  main buffer=32k flush=30s;

error_log /var/log/nginx/tlanyan.error.log;

root   $host_path;

# 缓存标记

set $skip_cache 0;

if ($query_string != "") {

set $skip_cache 1;

}

if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {

set $skip_cache 1;

}

# 登录用户或发表评论者

if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {

set $skip_cache 1;

}

location = / {

index  index.php index.html;

try_files /index.php?$args /index.php?$args;

}

location / {

index  index.php index.html;

try_files $uri $uri/ /index.php?$args;

}

location ~ ^/\.user\.ini {

deny all;

}

location ~ \.php$ {

try_files $uri =404;

fastcgi_index index.php;

fastcgi_pass   127.0.0.1:9000;

fastcgi_cache tlanyan;

fastcgi_cache_valid 200 301 302 30m;

fastcgi_cache_valid 404 10m;

fastcgi_cache_bypass $skip_cache;

fastcgi_no_cache $skip_cache;

fastcgi_cache_lock on;

include fastcgi_params;

fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

}

location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar|jpeg)$ {

expires max;

access_log off;

try_files $uri =404;

}

}

上述配置对最新版的Nginx测试有效,详细配置指令请参考Nginx官方文档。