• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Resolved nginx and browser cache

D

DavidN

New Pleskian
This post from April:
Resolved - NGINX enable browser cache expiration
addresses the issue I have, but it is still not working for me. When using nginx, the browser will not cache static content.

In Plesk (Onyx), apache & nginx settings, I have checked Proxy mode, Smart static file processing, and Serve static files directly by nginx.

In additional nginx directives, I have:
location ~ \.(js|css)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}

I have tried adding css & js to the box under Serve static files directly by nginx, and also without these added. In either case, I always receive a 304 - not modified and download the files again from nginx cache instead of loading from browser cache.

Is there something more I need to do to get these to load from the browser cache?
 
Hi DavidN,

depending to your content ( and possible used .htaccess - files - - - pls. remember, that you still have apache as well, when using the "Proxy" - mode" ), try to use something like:
Code: 
location ~ \.(css|js|js2|js3|js4)$ {
    expires 365d;
    add_header Pragma "public";
    add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
    try_files $uri $uri/ $uri.html /index.php?$args;
}

if (!-e $request_filename){
    rewrite ^(.*)$ /index.php break;
}
 
DavidN said:
This post from April:
Resolved - NGINX enable browser cache expiration
addresses the issue I have, but it is still not working for me. When using nginx, the browser will not cache static content.

In Plesk (Onyx), apache & nginx settings, I have checked Proxy mode, Smart static file processing, and Serve static files directly by nginx.

In additional nginx directives, I have:
location ~ \.(js|css)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}

I have tried adding css & js to the box under Serve static files directly by nginx, and also without these added. In either case, I always receive a 304 - not modified and download the files again from nginx cache instead of loading from browser cache.

Is there something more I need to do to get these to load from the browser cache?
Click to expand...

My own nginx additonals dirtectives to allow browser cache :
Code: 
 # Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
 add_header "Access-Control-Allow-Origin" "*";
 access_log off;
 log_not_found off;
 expires max;
}
 
UFHH01 said:
depending to your content ( and possible used .htaccess - files - - - pls. remember, that you still have apache as well, when using the "Proxy" - mode" ), try to use something like:
Code: 
location ~ \.(css|js|js2|js3|js4)$ {
    expires 365d;
    add_header Pragma "public";
    add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
    try_files $uri $uri/ $uri.html /index.php?$args;
}
if (!-e $request_filename){
    rewrite ^(.*)$ /index.php break;
}
Click to expand...

UFHH01,
Your mention of proxy mode was key. I had disabled caching in my .htaccess file and forgot about it while focused on learning nginx. What I was seeing was after the first request, nginx was serving css and js files from its own cache and not having to go through apache, but no browser caching (which is correct). When I added my browser cache directives (in Plesk now instead of .htaccess) the browser cache works as expected.

Thanks for your help.
 
UFHH01 said:
that you still have apache as well, when using the "Proxy" - mode" ), try to use something like:....
Click to expand...
Hi,
it would be great if someone could tell me how the directives have to be without Proxy mode, only for nginx and also serving static files by nginx.
For this kind of Plesk configuration without Apache it's not easy to find the correct directives (which have to be pure nginx directives)..

Lots of greets
 
Last edited:
Hi Dukemaster,

this depends on your ( unique ) used content for your (sub)domain. The above mentioned "universal" directive should certainly be adjusted, if your content has ".htaccess" - files for apache. In such cases, consider to use the "htaccess to nginx" - Plesk extension, or ask for help at the official NGINX forum ( => Nginx Forum ) - ( where advanced systemadministrators with special NGINX knowledge will help you to find solutions/suggestions for your ( unique ) additional NGINX directives. ) ;)
 
Also make sure your browser has its cache enabled to begin with. Just a thought, since you said the server was correctly giving the response of "304 - not modified" to your browser's requests. If the browser has been there before, it should not ask for the "not modified" files again if it is listening to the expires headers. Also, even if everything is working correctly, a fresh/first browser visit to the site will always download all the files no matter what -- filling its cache -- same for a browser with a freshly cleared browser cache.
 
Thanks for your answer. I'm not really sure if it is so complicated, or if I understand you the right way.
- Yes there are additional .htaccess files in security sensitive directories. BUT these are only simple standard apache .htaccess files with "deny for all" order. Like for example the templates directory /httpdocs/templates/.htaccess [deny from all] with 644.
- I read, this simple "deny from all" I can replace by
Code: 
location ~ / {
        deny all;
}
- To set the correct redirects for Woltlab software there only works a solution especially for PLESK (the normal seo-friendly for nginx without Plesk is not working, because of location and the Woltlab seo system)
So you have to set under additional directives:
Code: 
if (!-e $request_filename)
{
    rewrite ^/(forum/|photos/|blogs/|calendar/)?(.+)$ /$1index.php?$2 last;
}
- All the last year(s) under Apache with Nginx as Proxy and FPM served Apache, nothing static served by nginx, (normal-) setup I had the following .htaccess content (really perfectly set by the help of team members of Woltlab):
Code: 
Options +FollowSymlinks

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /

# Rewrite application /calendar/
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^calendar/(.*)$ calendar/index.php?$1 [L,QSA]

# Rewrite application /blogs/
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^blogs/(.*)$ blogs/index.php?$1 [L,QSA]

# Rewrite application /photos/
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^photos/(.*)$ photos/index.php?$1 [L,QSA]

# Rewrite application /forum/
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^forum/(.*)$ forum/index.php?$1 [L,QSA]

# Rewrite application /
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^(.*)$ index.php?$1 [L,QSA]
</IfModule>

# caching
<FilesMatch "\.(ico|jpg|jpeg|png|gif|js|css|svg|swf)$">
    ExpiresActive on
    ExpiresDefault "access plus 10 days"
    Header unset ETag
    FileETag None
</FilesMatch>

# compression
<IfModule mod_deflate.c>
    <FilesMatch "\.(html|htm|css|js|xml|php|txt|svg)$">
    SetOutputFilter DEFLATE
    </FilesMatch>
</IfModule>

<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
    RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA]

# Serve gzip compressed JS files if they exist and the client accepts gzip.
    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
    RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA]

# Serve correct content types, and prevent mod_deflate double gzip.
    RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1]
    RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]
    <FilesMatch "(\.js\.gz|\.css\.gz)$">
    # Serve correct encoding type.
    Header append Content-Encoding gzip
    # Force proxies to cache gzipped & non-gzipped css/js files separately.
    Header append Vary Accept-Encoding
    </FilesMatch>
</IfModule>

RewriteCond %{HTTP_USER_AGENT} ^SEOkicks [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SEOkicks-Robot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^sistrix [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^MajesticSEO [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^BacklinkCrawler [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^xovi [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^XoviBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^MJ12bot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^spbot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SearchmetricsBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^search17 [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^AhrefsBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SlySearch [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^findlinks [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^magpie-crawler [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Pixray-Seeker [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^008 [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Ezooms [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^lb-spider [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^WBSearchBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^psbot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^HuaweiSymantecSpider [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^EC2LinkFinder [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^htdig [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SemrushBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^discobot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^linkdex.com [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SeznamBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^EdisterBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SWEBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^picmole [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Yeti [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Yeti-Mobile [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^PagePeeker [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^CatchBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^yacybot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^netEstateNECrawler [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^SurveyBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^COMODOSSLChecker [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Comodo-Certificates-Spider [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^gonzo [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^schrein [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^AfiliasWebMiningTool [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^suggybot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^bdbrandprotect [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^BPImageWalker [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Updownerbot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^lex [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^ContentCrawler [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^DCPbot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^KaloogaBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^MLBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^iCjobs [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^oBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^WebmasterCoffee [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Qualidator [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Webinator [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Scooter [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^thunderstone [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^larbin [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^OpidooBOT  [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^ips-agent [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^TinEye [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^UnisterBot [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^Unister [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^ReverseGet [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{HTTP_USER_AGENT} ^DotBot [NC]
RewriteRule ^.* - [F,L]

Depending on the hosting settings also in the very first beginning of .htaccess also:
Code: 
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]

This is really a good configuration in standard PLESK hosting environment. gzip, hsts, ssl, dhparam activated by the amazing support of Plesk Talk, mostly by YOU, mister @UFHH01 over /etc/nginx/conf.d/ .
But to run this only by Plesk it's more as a gift to get this goal..
 
Last edited:
Hi Dukemaster,

Dukemaster said:
location ~ / { deny all; }
Click to expand...
well... give it a try and you will see, that you now denied ALL access for each file and folders. ;)

Sorry but this sort of "guessing" will not really succeed from my point of view. Pls. consider to inform yourself a bit better about NGINX - directives, by reading the official NGINX documentation! Here are some links to start with:

 
Thanks, yes, @UFHH01 I did it already before the last posting, and it worked fine. It means that I have to replace this content in "ALL" .htaccess files in various directories in my community. But they are not sooo many, and I like to do it for a real good configuration. No problem, working hard brings success. First THANKS for this help @UFHH01 !
Gzip ist also done months ago by your help in the additional gzip /etc/nginx/conf.d, and also OK and THANKS again.
What makes a sleepless are the other rules. Caching, Expire and a tick more Compressing. Therefor I had opened another thread here inside two days ago.
I've read dozens of threads in PLESK TALK, really good one, but in the end it comes clear that the user is using the Nginx-Proxy variant, like everytimes.
Nevertheless, I'm happy to get further, step by step and that you are involved, because the whole environment is yours, I think you know it. I'm following...:)
all good advices are welcome and realized.
EDIT: I already read exactly your links. But this is raw material and more related to standalone nginx installations without Plesk. Sorry, it helps to understand, but not to realize it, because of the individual Plesk templates and configs.
Greets
 
Last edited:
Hi Dukemaster,

Dukemaster said:
But this is raw material and more related to standalone nginx installations without Plesk
Click to expand...
... but BEFORE you are allowed to drive a car, you have to make sure, that you pass the driver license test - even that you will not drive with the very same car, as within your driving lessons. ;)

The "test-and-try" - method is a veeeeeery long process, so I personally think, that learning some basics won't hurt at all. :p:D:p
 
You must log in or register to reply here.

Similar threads

Hangover2
Resolved "Smart static files processing" is not working anymore
Replies
3
Views
5K
Hangover2
Hangover2
L
Issue File modification visible in the browser only after ~50 seconds of waiting
Replies
3
Views
240
Ludo
L
Hangover2
Resolved Smart static files processing is only working for lowercase file extensions
Replies
8
Views
618
ChristophRo
ChristophRo
T
WP-Toolkit and cache clearing from wordpress
Replies
0
Views
905
thinkjarvis
T
A
Question How to use Clear-Site-Data header rule to clear browser cache
Replies
2
Views
1K
AntoineW
A
Back
Top