diff --git a/nginx/default.conf b/nginx/default.conf index 775fd85..57e56a9 100644 --- a/nginx/default.conf +++ b/nginx/default.conf @@ -36,7 +36,7 @@ server { return 301 $scheme://$host/phpmyadmin/; } - location ~ \/phpmyadmin { + location ~ ^/phpmyadmin/ { rewrite ^/phpmyadmin(/.*)$ $1 break; proxy_set_header Host $host; proxy_set_header X-Forwarded-Scheme $scheme; @@ -61,7 +61,7 @@ server { if ($request_method = PUT) { set $skip_cache 1; } if ($request_method = PATCH) { set $skip_cache 1; } - # Four maps defined in nginx.conf (http context) resolve all cache + # Five maps defined in nginx.conf (http context) resolve all cache # exclusion logic. We don't use: # # if ($query_string != "") { set $skip_cache 1; } @@ -71,6 +71,7 @@ server { # $skip_cache_path — path-based exclusions (keyed on $uri) # $skip_cache_query — query-param exclusions (keyed on $query_string) # $skip_cache_cookie — cookie-based exclusions (keyed on $http_cookie) + # $skip_cache_cart — wc-cart exclusions (keyed on $cookie_woocommerce_items_in_cart) # $skip_cache_xhr — ajax-based exclusions (keyed on $http_x_requested_with) # # This approach allows higher level Nginx cache ratios for WooCommerce. @@ -123,9 +124,17 @@ server { fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache NPP; - fastcgi_cache_valid 30d; - fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; + fastcgi_cache_valid 200 30d; + fastcgi_cache_valid 404 1m; + fastcgi_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; fastcgi_cache_lock on; + fastcgi_cache_background_update on; + + # Prevent cookie leakage: remove Set-Cookie headers from cacheable responses + # so that one user's cookies are never served to another user from cache. + if ($skip_cache = 0) { + more_clear_headers "Set-Cookie*"; + } # Prevents Nginx from splitting cache into multiple variants per URL. # When PHP-FPM sends "Vary: Accept-Encoding", Nginx computes a secondary MD5 key