Configuring Nginx to run Magento

Published September 12th, 2011


The other day I moved a clients existing Magento powered ecommerce site from Apache to nginx. The following is the configuration file I used to run the application under nginx.

The site is running flawlessly using this configuration and the memory drain caused by Magento under Apache seems to be somewhat less then it used to be meaning I am no longer having to restart the Apache httpd service as I had in the past when things got gummed up be the resource hungry application know as Magento. This configuration takes into account you will want to run Magento under both http and https so the first thing you will want to do is make sure SSL support is enabled in your nginx.conf file.

    ##
    # SSL Support
    ##
 
    map $scheme $fastcgi_https {
    default off;
        https on;
    }

Now you will want to create your sites-available file (or virtual host file as it may be refered to) you will want to have the following text contained within this file named something like yourdomain.com. Make sure you replace your paths and domain name as well as the path to your SSL certificate file and key file with the appropriate information for your environment.

server {
    # Listen on port 80 as well as post 443 for SSL connections.
    listen 80;
    listen 443 default ssl;
 
    server_name yourdomain.com www.yourdomain.com;
 
    # Specify path to your SSL certificates.
    ssl_certificate /etc/nginx/certificates/yourcertificate.crt;
    ssl_certificate_key /etc/nginx/certificates/yourcertificate.key;
 
    # Path to the files in which you wish to
    # store your access and error logs.
    access_log /path/to/your/logs/access_log;
    error_log /path/to/your/logs/error_log;
 
    # If the site is accessed via yourdomain.com
    # automatically redirect to www.yourdomain.com.
    if ($host = 'yourdomain.com' ) {
        rewrite ^/(.*)$ http://www.yourdomain.com/$1 permanent;
    }
 
    root /path/to/magento;
 
    location / {
        index index.html index.php;
        try_files $uri $uri/ @handler;
    }
 
    # Deny access to specific directories no one
    # in particular needs access to anyways.
    location /app/ { deny all; }
    location /includes/ { deny all; }
    location /lib/ { deny all; }
    location /media/downloadable/ { deny all; }
    location /pkginfo/ { deny all; }
    location /report/config.xml { deny all; }
    location /var/ { deny all; }
 
    # Allow only those who have a login name and password
    # to view the export folder. Refer to /etc/nginx/htpassword.
    location /var/export/ {
        auth_basic "Restricted";
        auth_basic_user_file htpasswd;
        autoindex on;
    }
 
    # Deny all attempts to access hidden files
    # such as .htaccess, .htpasswd, etc...
    location ~ /\. {
         deny all;
         access_log off;
         log_not_found off;
    }
 
    # This redirect is added so to use Magentos
    # common front handler when handling incoming URLs.
    location @handler {
        rewrite / /index.php;
    }
 
    # Forward paths such as /js/index.php/x.js
    # to their relevant handler.
    location ~ .php/ {
        rewrite ^(.*.php)/ $1 last;
    }
 
    # Handle the exectution of .php files.
    location ~ .php$ {
        if (!-e $request_filename) {
            rewrite / /index.php last;
        }
        expires off;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param HTTPS $fastcgi_https;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param MAGE_RUN_CODE default;
        fastcgi_param MAGE_RUN_TYPE store;
        include fastcgi_params;
    }
}

Save this file then create a symbolic link for this file in your site-available folder.

ln -s /path/to/nginx/sites-available/yourdomain.com /path/to/nginx/sites-enabled/yourdomain.com

Now restart nginx and your done. Be sure to test accessing the site via both http and https making sure when checking your https connection your SSL certificates are loading properly.