I'm a newbie when it comes to nginx and server config.
I can't seem to set Browser Cache expiration. I don't have a clue on what I did wrong. When I test it on Gtmetrix is says that "expiration not specified". I hope you can help me with this.
# Virtual host file starts here
server {
listen 80;
access_log /var/log/nginx/access.upholsterycleanigs.com.aulog;
error_log /var/log/nginx/error.upholsterycleanings.com.au.log;
server_name upholsterycleanings.com.au www.upholsterycleanings.com.au;
root /home/upholsterycleanings/public_html;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot)$ {
expires 30d; #Comment this out if you are using the apache backend cache-control/expires headers.
try_files \$uri \#backend;
}
error_page 405 = \#backend;
error_page 500 = \#custom;
add_header X-Cache "HIT from Backend";
proxy_pass http://172.31.37.201:8181;
include proxy.inc;
}
location \#backend {
internal;
proxy_pass http://172.31.37.201:8181;
include proxy.inc;
}
location \#custom {
internal;
proxy_pass http://172.31.37.201:8181;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?\$ {
proxy_pass http://172.31.37.201:8181;
include proxy.inc;
}
location ~ /\.ht {
deny all;
}
}
# Virtual host file ends here
Thank you!
Related
I have a simple Laravel route to provide to our users private files. We present files to users with the help of a middleware. Thus, we check whether the logged in user really has access to this file.
Everything is working as expected we on local environment. But we ran into a problem when we deployed it to the server. It does not see the Laravel route file in the Nginx location and tries to find the file in the root directory.
Laravel route example as below.
Route::get('lesson-attachment/{uuid}/{filename}', LessonAttachmentController::class)->name('lesson.attachment');
As you can see, we expect to receive a uuid and filename as url parameters. Actually the filaname parameter is required because we returns inline response on the exact url sometimes and we want to show the filename on the browser tab. Anyway, finally the codes here work fine on local machine.
But when we come to the nginx server, things get confused and when we look at the logs, we get the following error.
/var/www/vhosts/example.com/httpdocs/current/public/lesson-attachment/61cd7c8b-a7a1-49f8-86b8-d82825c9f55a/sample-file.pdf" failed (2: No such file or directory)
Here is the nginx conf:
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
The question is how can I run that url path on production server?
https://example.com/lesson-attachment/61cd7c8b-a7a1-49f8-86b8-d82825c9f55a/sample-file.pdf
For more information my development environment:
Macbook Pro
Laravel Valet
For more information our production environment:
Ubuntu 20
Nginx
Plesk Panel (core nginx configurations are provided from plesk)
Using php deployer tool for deployment to production.
UPDATE - The base server blocks of nginx configuration. Please note, it provides by Plesk.
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
map $sent_http_content_type $expires {
default off;
text/html epoch;
text/css max;
application/javascript max;
~image/ max;
~font/ max;
}
server {
listen ***** ssl http2;
expires $expires;
server_name example.com;
client_max_body_size 134217728;
# mailconfig
location ~* ^/autodiscover/autodiscover\.xml$ {
try_files $uri #mad;
}
location ~* ^(/\.well-known/autoconfig)?/mail/config\-v1\.1\.xml$ {
try_files $uri #mad;
}
location ~* ^/email\.mobileconfig$ {
try_files $uri #mad;
}
location #mad {
rewrite ^(.*)$ /mailconfig/ break;
proxy_pass http://127.0.0.1:8880;
proxy_set_header X-Host $host;
proxy_set_header X-Request-URI $request_uri;
}
# mailconfig
root "/var/www/vhosts/example.com/httpdocs/current/public";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
#extension letsencrypt begin
location ^~ /.well-known/acme-challenge/ {
root /var/www/vhosts/default/htdocs;
types { }
default_type text/plain;
satisfy any;
auth_basic off;
allow all;
location ~ ^/\.well-known/acme-challenge.*/\. {
deny all;
}
}
#extension letsencrypt end
#extension sslit begin
#extension sslit end
#extension sectigo begin
location ^~ /.well-known/pki-validation/fileauth.txt {
try_files $uri $uri/ =404;
}
location ^~ /.well-known/pki-validation/ {
root /var/www/vhosts/default/htdocs;
types { }
default_type text/plain;
satisfy any;
auth_basic off;
allow all;
location ~ ^/\.well-known/pki-validation.*/\. {
deny all;
}
}
#extension sectigo end
error_page 400 "/error_docs/bad_request.html";
error_page 401 "/error_docs/unauthorized.html";
error_page 403 "/error_docs/forbidden.html";
error_page 404 "/error_docs/not_found.html";
error_page 500 "/error_docs/internal_server_error.html";
error_page 405 "/error_docs/method_not_allowed.html";
error_page 406 "/error_docs/not_acceptable.html";
error_page 407 "/error_docs/proxy_authentication_required.html";
error_page 412 "/error_docs/precondition_failed.html";
error_page 414 "/error_docs/request_uri_too_long.html";
error_page 415 "/error_docs/unsupported_media_type.html";
error_page 501 "/error_docs/not_implemented.html";
error_page 502 "/error_docs/bad_gateway.html";
error_page 503 "/error_docs/maintenance.html";
location ^~ /error_docs {
root "/var/www/vhosts/example.com";
}
location ~ /\.ht {
deny all;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
auth_basic_user_file "/var/www/vhosts/system/example.com/pd/d..httpdocs#plesk-stat";
autoindex on;
location ~ ^/plesk-stat(.*) {
alias /var/www/vhosts/system/example.com/statistics/$1;
}
location ~ ^/awstats-icon(.*) {
alias /usr/share/awstats/icon/$1;
}
location ~ ^/(.*) {
alias /var/www/vhosts/system/example.com/statistics/$1;
}
}
location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/example.com/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
try_files $uri $fastcgi_script_name =404;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
try_files $uri $fastcgi_script_name =404;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
index "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml";
disable_symlinks if_not_owner "from=/var/www/vhosts/example.com";
add_header X-Powered-By PleskLin;
include /etc/nginx/conf.d/expires.global;
include "/var/www/vhosts/system/example.com/conf/vhost_nginx.conf";
}
I'm trying to get my Wordpress blog hosted on blog.domain.com to work on domain.com/blog.
I have been able to do this with proxy_pass successfully but the issue is certain scripts such as the login page for admins (/wp-login.php) does not work - it gives me File not found.. I have isolated the issue to my Laravel applications FastCGI setup in my Nginx configuration. When I comment it out, my blog works but then my Laravel app is inaccessible. I've been trying different configurations but I have little knowledge with Nginx.
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.com;
server_tokens off;
root /home/appfolder/mydomain.com/public;
...
...
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/mydomain.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# WHEN I COMMENT OUT THIS BLOCK, BLOG WORKS BUT LARAVEL BREAKS
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.4-fpm-mydomain.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /blog {
proxy_redirect off;
proxy_set_header Host $host;
proxy_pass https://blog.mydomain.com;
}
location /blog/wp-content {
proxy_pass https://blog.mydomain.com/wp-content;
}
location /blog/wp-includes {
proxy_pass https://blog.mydomain.com/wp-includes;
}
location /blog/wp-content/uploads {
proxy_pass https://blog.mydomain.com/wp-content/uploads;
}
location /blog/wp-login.php {
proxy_pass https://blog.mydomain.com/wp-login.php;
}
location /blog/wp-admin {
proxy_pass https://blog.mydomain.com/wp-admin;
}
location /bitnami {
proxy_pass https://blog.mydomain.com/bitnami;
}
location /mod_pagespeed_beacon {
proxy_pass https://blog.mydomain.com/mod_pagespeed_beacon;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mydomain.com-error.log error;
error_page 404 /index.php;
location ~ /\.(?!well-known).* {
deny all;
}
}
...
Hosted on an Ubuntu server managed by Laravel Forge. Any ideas?
Update: As per Richards answer, I have started getting it working a little bit but I need to add rules for all files which doesn't seem efficient.
I'm trying to get all .PHP files related to Wordpress (after /blog/) to be forwarded to the proxy. I have tried:
location ~ /blog/wp-admin/(\d+) {
add_header X-debug-message "$1";
proxy_pass https://blog.mydomain.com/wp-admin/$1;
}
But this doesn't seem to work.
I sorted it out by creating a regular expression to match anything after /wp-admin/ on forward it to the proxy. The configuration I use is:
location ~ (blog\/wp-admin)\/(.*)\.php$ {
proxy_pass https://blog.mydomain.com/wp-admin/$2.php?$query_string;
}
$2 is the second capture group (.*) which is appended to the proxy_pass URL and added any further arguments with ?$query_string.
Let me preface this by saying most of my "experience" comes from blindly copypasting config lines from various blogs and sites like this and hoping for the best.
Currently I have a setup like this:
Dynamic ddns hostname pointed at my public IP redirecting incoming traffic from ports 80 and 443 to a LXC container with nextcloud + certificate from letsencrypt for the same ddns hostname. So far so good.
this is the relevant nginx config:
server {
server_name stats;
listen 9753 default_server;
listen [::]:9753 default_server;
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.1;
allow ::1;
deny all;
}
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
proxy_set_header Host $host;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
server_name nextcloud;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
client_max_body_size 10240M;
root /var/www/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location / {
rewrite ^ /index.php;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ^~ /apps/rainloop/app/data {
deny all;
}
location ~ \.(?:flv|mp4|mov|m4a)$ {
mp4;
mp4_buffer_size 100M;
mp4_max_buffer_size 1024M;
fastcgi_split_path_info ^(.+?.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
include php_optimization.conf;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+).php(?:$|\/) {
fastcgi_split_path_info ^(.+?.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
include php_optimization.conf;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
location ~ .(?:css|js|woff2?|svg|gif|map|png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$request_uri;
access_log off;
expires 30d;
}
}
My original vision for altering this was to use nextcloud.ddns.net to access my nextcloud as before, but also be able to reverse proxy to different local machines via nextcloud.ddns.net/whatever, nextcloud.ddns.net/something etc. Why? Because in my absolute failure of understanding the underlying technology I envisioned this would keep using the already valid ssl certificate for nextcloud.ddns.net without me having to obtain a new certificate for each destination. Does it work like this? I still do not know, but that didn't stop me from trying. I tried including a new location /whatever directive in various places, but all I achieved was a) it not working at all, b) redirecting me to the original nextcloud, c) only working while connected to local lan.
Seeing as I wasn't getting anywhere I went the other way and registered another ddns hostname, pointed that at the same public IP and included this block at the top of the nginx.conf:
server {
listen 443 ssl;
server_name other_hostname.ddns.net;
location / {
proxy_pass http://different_local_machine.lan/;
}
}
This works but obviously complains about the certificate being issued to nextcloud.ddns.net not to other_hostname.ddns.net
Onto my questions then:
Is it at all possible to set it up as I originally thought of with using 1 ddns hostname with different /suffixes or is this not how it works at all?
How would I go about getting multiple lets-encrypt certificates in the working scenario with multiple ddns hostnames? I'm worried if I follow the same instructions as I did to get the cert for the nextcloud I'll end up messing that, as that is still the only internet-facing nginx.
How "safe" would I be in just ignoring the warning? I mean I know the certificate is for different hostname, but I actually know it's still a valid certificate.
Again I apologise for my technical shortcomings, it took me few days to find out that what I want to achieve is called reverse proxy and it didn't improve much from there, but I think what I want to achieve should be possible with help from internet strangers without me having to complete a semester of Computer Science
Thanks for any help!
Here is an example that can be used to handle this ... you may need to tweak the setup for your own needs ...
I use this in an nginx docker that is networked to two containers
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
In the /etc/nginx/conf.d/ directory resides the configuration files for each container ..
-- in site1.conf --
upstream production{
server container_name1:80;
}
server {
server_name site1.com;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Access-Control-Allow-Origin *;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://production/;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/site1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/site1.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = site1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name site1.com;
listen 80;
return 404; # managed by Certbot
}
-- in site2.conf --
upstream production_admin{
server container_name2:80;
}
server {
server_name admin.site1.com;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Access-Control-Allow-Origin *;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://production_admin/;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/site1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/site1.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = admin.site1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name admin.site1.com;
listen 80;
return 404; # managed by Certbot
}
Upstream will set the name that is used in the proxypass and just serve off port 80 for server. This should get you started
For what it's worth if anybody is as hopeless as I am and has this exact same problem, I managed to discover solution on another forum. 1 freaking line, that was it. proxy_set_header Referer $http_referer; What does it do? How should I know? It makes my stuff work as I want though and that's all I care about.
So the full working location block looks like:
location ~ /something {
proxy_pass http://somehost.lan:someport;
proxy_set_header Referer $http_referer;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
}
discussion that led me to the "discovery" : https://unix.stackexchange.com/questions/290141/nginx-reverse-proxy-redirection Bottom post, 1st comment.
I have upload my laravel project to remote linux host .This project works well on my local windows homestead.But when I put it on linux host,it does not work .
The project root is :/var/www/html/blog . the nginx config as follwing:
`server
{
listen 80;
#listen [::]:80;
server_name www.antichina.us ;
index index.html index.htm index.php default.html default.htm default.php;
root /var/www/html/blog/public;
# include other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
`
when I visit the project with the domain,(http://mydomain),it give an http 500 error. but when I set the root as /var/www/html/blog in the nginx config file, the index page of the project is working by visit: http://mydomain/public, other routes are all return 404 error.
I have tried my method,but it seems none is working.Any on ecould help me?thank you !
Add this to your nginx config
location / {
try_files $uri $uri/ /index.php?$query_string;
}
Your index line only needs to this also:
index index.php;
What's in this this file?
include enable-php.conf;
So I have been trying to implement the fastcgi cache on nginx. To test whether the cache is working, I added the header to display the cache status, HIT, MISS, etc using the following line:
add_header X-Cache $upstream_cache_status;
Problem is the header doesn't show up at all. When I hard code a value for the X-Cache header, it shows up though.
My nginx version information:
nginx version: nginx/1.4.6 (Ubuntu) built by gcc 4.8.4 (Ubuntu
4.8.4-2ubuntu1~14.04) TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module
My site-enabled config:
# You may add here your
# server {
# ...
# }
# statements for each of your virtual hosts to this file
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
#move next 4 lines to /etc/nginx/nginx.conf if you want to use fastcgi_cache across many sites
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/;
index index.html index.htm index.php;
server_name thinkingtypes.com;
include hhvm.conf;
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
add_header X-Cache $upstream_cache_status;
include fastcgi_params;
fastcgi_pass unix:/var/run/hhvm/hhvm.sock;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 60m;
}
location ~ /purge(/.*) {
#fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}
location = /robots.txt { access_log off; log_not_found off; }
location ~ /\. { deny all; access_log off; log_not_found off; }
}
Okay solved the issue myself, HHVM created another file hhvm.conf which handles php files separately though port or sock. I just needed to place the add header there, within that block for it to show up. Anywhere else, the upstream_cache variable was empty as it was not being set, due to the cache not being used.
You can also use nginx module
more_set_headers
by installing this https://github.com/openresty/headers-more-nginx-module#name nginx module.
then add this config to set your nginx header.
more_set_headers 'X-Cached: $upstream_cache_status';