/
Pack Hosting Panel

Magento 2 Nginx configuration

Which Nginx configuration is recommended for Magento 2

Nginx configuration Magento 2

In this article we will explain how to set up a basic configuration in Nginx for your Magento 2 shop. We will explain how to add a static signing and a media file generation configuration.

Static signing en genereren media files

In your Magento 2 webshop, you may choose to enable static signing. Static signing is a Magento feature that redirects the browser cache of static resources. To enable this, Magento adds a deployment version number to the URL of the static files.

The Nginx configuration to enable static files is already set up for direct use. All you need to do is activate the set up, here is how to do that:

Log in to your environment

Log in using SSH to your environment.

Navigate to the location of the file

As soon as you are logged in navigate to the file location. The file is named magento.nginx.confand located in: /home/<username>/domains/<domainname>/var/etc/magento.nginx.conf

Activate the Magento 2 configuration

Activate the Magento 2 configuration in the file. The configuration is found at the top of the magento.nginx.conf file. Activate it by removing the heading hashes (#), the configuration will look like this:

################################
# Magento 2 configuration
################################
location /media/ {
    try_files $uri $uri/ /get.php$is_args$args;

    location ~ ^/media/theme_customization/.*\.xml {
        deny all;
    }

    location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
        add_header Cache-Control "public";
        add_header X-Frame-Options "SAMEORIGIN";
        expires +1y;
        try_files $uri $uri/ /get.php$is_args$args;
    }
    location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
        add_header Cache-Control "no-store";
        add_header X-Frame-Options "SAMEORIGIN";
        expires    off;
        try_files $uri $uri/ /get.php$is_args$args;
    }
    add_header X-Frame-Options "SAMEORIGIN";
    add_header 'Access-Control-Allow-Origin' '*' always;
}

location /static/ {
    # Uncomment the following line in production mode
    expires max;

    # Remove signature of the static files that is used to overcome the browser cache
    location ~ ^/static/version {
        rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
    }

    location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
	add_header 'Access-Control-Allow-Origin' '*' always;
        add_header Cache-Control "public";
        add_header X-Frame-Options "SAMEORIGIN";
        expires +1y;

        if (!-f $request_filename) {
            rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
        }
    }
    location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
        add_header Cache-Control "no-store";
        add_header X-Frame-Options "SAMEORIGIN";
        expires    off;

        if (!-f $request_filename) {
           rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
        }
    }
    if (!-f $request_filename) {
        rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
    }
    add_header X-Frame-Options "SAMEORIGIN";
    add_header 'Access-Control-Allow-Origin' '*' always;
}

Save the file and reload the Nginx configuration

Save your changes and reload the Nginx configuration by using this command: nginx-reload. This will generate the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Nginx configuration reload successful

The configuration is now active and your sensitive data are protected against the outside world.