Nginx with web server + WordPress

If I just use Nginx as a web server with WordPress, can I use friendly URLs even with the default Nginx template or do I need to choose the WordPress template in the settings?

Thanks Maison

Als ways pick Wordpress template…

How did I miss this for Nginx; I see the template at /usr/local/hestia/data/templates/web/nginx/php-fpm/wordpress.tpl

But is there a place in the HestiaCP UI to select this?

Edit Web Domain -> Advanced Options -> Web Template NGINX

1 Like

I’ve only seen:

This lists:

But not:

This server is configured with Apache + Nginx

That template is for Nginx standalone.

Proxy Template only lists the contents of templates/web/php-fpm; so the drop down combo box looks like:

That’s only five options (NodeApp is one I created). But in all my Hestia installations that I have seen, the contents of templates/web/nginx/php-fpm does not appear in the HestiaCP UI.

Should it? Or are we just to use templates/web/nginx/php-fpm as reference, and copy them over manually when needed?

Templates in that dir are for NGINX standalone + PHP-FPM not for NGINX as Proxy + PHP-FPM + Apache2

1 Like

Would it be possible to use those templates in the Nginx Proxy + Apache “non-standalone” version? It appears to work with the “hosting” option; but I believe there are other permalink/WordPress MU features that might need those other directives.


%web_port% to %proxy_port$

And the same for ssl …

And it should work.

But default should work fine with Wordpress MU

1 Like

@eris Look, I was noticing that most people who use Wordpress normally use Wordfence, but for those who use Ngnix there is a file that needs to be hidden via the Ngnix configuration, can you include this in the model?

I think that just inserting the first rule is enough for common people

Hiding .user.ini if your server runs NGINX

The “.user.ini” file that Wordfence creates can contain sensitive information, and public access to it should be restricted. If your server runs NGINX you have to do this manually. Append the following directives to the server context of your “nginx.conf” file:

location ~ ^/\.user\.ini {
deny all;

If your WordPress installation resides in a subdirectory, you should add the path portion of the URL to the pattern:

location ~ ^/wordpress/\.user\.ini {
deny all;


There is no need to include that, wordpress template includes this already :

location ~ /\.(?!well-known\/) {
    deny all;
    return 404;

And that means that if any file/dir starts with a dot and is not followed by well-known, the access will be denied and return code 404 (not found) send to the client.

You can try it yourself :wink:

1 Like