bigretromike commented on issue #1755:
URL:
https://github.com/apache/incubator-pagespeed-ngx/issues/1755#issuecomment-1336252941
> In the last config you posted:
>
> > > pagespeed RewriteLevel CoreFilters;
> > > pagespeed RewriteLevel OptimizeForBandwidth;
I comment out `CoreFilters` both could work without issue as one enable more
than second one.
Still the issue even with almost everything comment out is that its fetching
or thinking that it fetch `http`://mydomain.com, when in realyty its
`https`://mydomain.com because http version is not available (there is not even
301 on new server)
The only thing that I have on mind is that pagespeed does work in that way
(but I would assume you guys or another user would just say `That is the way
pagespeed works` and that would end the topic, but then I don't think its the
case, so only one thing (other than wordpress files and database) taken from
old server that act the same way is nginx-site-configuration, maybe someone
more knowledgeable than me can spot the cupric - (I omitted include as those
are posted higher):
````
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.com www.mydomain.com;
root /var/www/mydomain.com/web;
index index.php index.html index.htm;
if ($host = www.mydomain.com) {
return 301 https://mydomain.com$request_uri;
}
set $no_cache 0;
include snippets/20-pagespeed_server.conf;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
gzip on;
autoindex off;
access_log /var/www/mydomain.com/logs/access.log compression2
buffer=32k flush=5m;
error_log /var/www/mydomain.com/logs/error.log; # debug;
keepalive_timeout 10;
keepalive_disable msie6;
keepalive_requests 200;
include snippets/30-csp.conf;
location /ngx_pagespeed_statistics { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location /ngx_pagespeed_global_statistics { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location /ngx_pagespeed_message { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location /pagespeed_console { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location ~ ^/pagespeed_admin { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location ~ ^/pagespeed_global_admin { allow 127.0.0.1; allow
my.ip.address.here; deny all; }
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
set $no_cache 1;
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
location = /nekomata {
allow 127.0.0.1;
allow my.ip.address.here;
allow my.second.address.here;
deny all;
stub_status;
}
location ~ ^/(status001|ping|nxg_nekomata)$ {
access_log /var/www/mydomain.com/logs/access-status.log;
allow 127.0.0.1;
allow my.ip.address.here;
allow my.second.address.here;
deny all;
include snippets/fastcgi-mydomain.conf;
}
location ~* /xmlrpc.php$ {
allow 127.0.1.1;
allow 127.0.0.1;
allow ::1;
allow my.second.address.here;
deny all;
include snippets/fastcgi-mydomain.conf;
}
location ~*
/(?:uploads|files|wp-content|wp-includes|akismet)/.*.php$ {
deny all;
}
location ~ /\.(svn|git)/* { deny all; }
location ~ /\. {deny all; }
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
rewrite ^.*/sitemaps\.xml$ /index.php?seopress_sitemap=1
last;
rewrite ^.*/news.xml$ /index.php?seopress_news=$1 last;
rewrite ^.*/video.xml$ /index.php?seopress_video=$1 last;
rewrite ^.*/author.xml$ /index.php?seopress_author=$1 last;
rewrite ^.*/sitemaps_xsl\.xsl$
/index.php?seopress_sitemap_xsl=1 last;
rewrite ^.*/([^/]+?)-sitemap([0-9]+)?.xml$
/index.php?seopress_cpt=$1&seopress_paged=$2 last;
}
location /wp-json/ {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php|js|swf)$
{deny all;}
location ~* ^/(wp-content)/(.*?)\.(zip|tar|bzip2|7z)\$ {deny all;}
location ~* .(pl|cgi|py|sh|lua|asp)$ {return 444;}
location ~*
/(wp-config.php|readme.html|readme.txt|license.txt|nginx.conf) {deny all;}
location ~* ^/wp-content/plugins/.+\.(txt|log|md)$ {deny all;
error_page 403 =404 / ;}
location ~* ^/wp-content/themes/.+\.(txt|log|md)$ {deny all;
error_page 403 =404 / ;}
location ~*
^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {deny
all;return 404; }
if ($request_method = POST) {set $no_cache 1;}
if ($query_string != "") {set $no_cache 1;}
if ($request_uri ~*
"(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)")
{set $no_cache 1;}
if ($http_cookie ~*
"comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {set
$no_cache 1;}
if ($request_uri ~*
"/checkout/|/zamowienie/|/my-account/|/moje-konto/|/cart/|/koszyk/|/newsletter/")
{set $no_cache 1;}
location / {
gzip on;
try_files $uri $uri/ /index.php?$is_args$args;
}
location = /favicon.ico { expires max; }
location = /robots.txt { }
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {return 404;}
gzip on;
# fastcgi_cache
add_header X-Cache-Status $upstream_cache_status;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include snippets/fastcgi-php.conf;
fastcgi_cache mydomain;
fastcgi_cache_valid 200 302 10h;
fastcgi_cache_valid 404 5m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
fastcgi_cache_lock on;
fastcgi_cache_lock_age 5s;
fastcgi_cache_lock_timeout 5s;
fastcgi_read_timeout 600s;
fastcgi_pass unix:/var/run/php-fpm/mydomain.com.sock;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
deny all;
fastcgi_cache_purge mydomain "$scheme$request_method$host$1";
}
location ~*
.(webp|avif|webm|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$
{
sendfile on;
sendfile_max_chunk 1m;
tcp_nopush on;
expires max;
add_header Cache-Control public;
open_file_cache max=1000 inactive=10h;
open_file_cache_valid 60s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}
client_max_body_size 10M;
ssl_certificate /var/www/fullchain6.pem;
ssl_certificate_key /var/www/privkey6.pem;
ssl_ciphers
EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
add_header Strict-Transport-Security "max-age=15768000" always;
}
````
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@pagespeed.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
