Moving WordPress to nginx

This WordPress site has been migrated from Apache to nginx. The front-end is an internet-facing reverse-proxy using nginx, with the back-end using nginx and php-fpm. Both ends run inside jails on FreeBSD servers.

This article focusses on the back-end configuration, the nginx instance that serves static content from the WordPress installation at /usr/local/www/wordpress/ and forwards PHP requests to the php-fpm service listening on port 9000.

Continue reading Moving WordPress to nginx

Nginx: alias, try_files and PHP

Web servers map URIs to pathnames, and the simplest mapping is concatenating the document root and the URI, which is managed using the root directive.

Sometimes, part of the URI needs to be removed before performing a concatenation, in which case the alias directive may be useful.

This article addresses issues from using the `alias` directive with the try_files directive and with php-fpm. Continue reading Nginx: alias, try_files and PHP

Extension-less Configuration for nginx

Many web designers want their URLs to appear in a particular format on the browser’s address bar. On this website we use pretty permalinks with a trailing slash.

But this article describes an nginx configuration that supports URLs without a trailing slash or a file extension. So the URL /foo might refer to a directory index (/foo/index.php), a static file (/foo.html) or a script (/foo.php), whichever is located first within a predefined order.

Continue reading Extension-less Configuration for nginx

Bridging Firewall

The bridging firewall can be deployed to enhance the security of a network, particularly a perimeter network with a block of addresses where a router may not be appropriate. The bridging aspect offers a stealthy solution with the ability to partition the perimeter network into a number of separately protected zones.

The bridge is an additional layer of security that can easily be inserted in place of a switch or hub. The article focusses on a firewall that sits between the service provider’s equipment and three protected networks.

The design and configuration of a bridging firewall is described, using a FreeBSD server with several network interfaces. The example network is a /29 subnet feeding a wireless LAN, a wired LAN, and a small server farm.

Continue reading Bridging Firewall

Mostly useful stuff