@trialotto Let's talk about "proper Nginx configuration". Here is how I have set it up:
------------------------------------------------------------
Expires = 30d
Restrict the ability to follow = ON
Proxy mode = ON
Smart static files processing = ON
Serve static files directly by nginx = ON
Enable nginx caching = ON
Disable caching for locations = "/wp-admin/"
Bypass cache when = all 3 ON
Return stale cached records = all 3 OFF
Additional nginx directives:
# enable GZIP compression
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/html text/javascript text/plain text/xml;
# Security Headers - X-XSS-Protection
add_header x-xss-protection "1; mode=block" always;
# Security Headers - X-Frame-Options
add_header X-Frame-Options SAMEORIGIN;
# Security Headers - X-Content-Type: nosniff
add_header X-Content-Type-Options nosniff;
# Security Headers - HTTP Strict Transport Security (HSTS)
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
------------------------------------------------------------
And then nothing in the WP itself. Is this what you'd call proper? Or is there anything to be optimized?
OLAF
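
Added example, not part of the original post: a small Python check over the four add_header lines quoted above, showing which of them nginx would attach to a response with a given status code. Without the `always` parameter nginx adds a header only to 200, 201, 204, 206, 301, 302, 303, 304, 307 and 308 responses; the function names here are illustrative.

```python
import re

# add_header lines copied from the post above.
POSTED_DIRECTIVES = """
add_header x-xss-protection "1; mode=block" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
"""

# Without "always", nginx attaches add_header output only to these status codes.
DEFAULT_STATUSES = {200, 201, 204, 206, 301, 302, 303, 304, 307, 308}

# add_header <name> <bare-or-quoted value> [always];
ADD_HEADER_RE = re.compile(
    r'^[ \t]*add_header[ \t]+(\S+)[ \t]+("[^"]*"|\'[^\']*\'|[^\s;]+)([ \t]+always)?[ \t]*;',
    re.MULTILINE,
)


def parse_add_headers(conf):
    """Return (name, value, always) for every add_header directive in conf."""
    out = []
    for name, value, always in ADD_HEADER_RE.findall(conf):
        out.append((name, value.strip("\"'"), bool(always)))
    return out


def headers_sent(conf, status):
    """Lower-cased names of the headers nginx would add to a response with this status."""
    return {
        name.lower()
        for name, _value, always in parse_add_headers(conf)
        if always or status in DEFAULT_STATUSES
    }


def missing_on_errors(conf):
    """Header names that are dropped on 4xx/5xx pages because "always" is absent."""
    return [name for name, _value, always in parse_add_headers(conf) if not always]


if __name__ == "__main__":
    for status in (200, 404, 502):
        print(status, sorted(headers_sent(POSTED_DIRECTIVES, status)))
    print("no 'always':", missing_on_errors(POSTED_DIRECTIVES))
```

On the posted directives this reports X-Frame-Options and X-Content-Type-Options as the two headers that would be absent from error pages.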