Running WordPress in different directory

Table of ContentsExamples Running a blog from /blog where the directory is /wp/wordpressMageStack allows you to run WordPress in a manner of different ways, if you simply want to run your blog from a directory called /blog - see running WordPress in a subdirectory. But if you want to run a more complex WordPress deployment, … Continue reading

Allowing web access to forbidden directories

Table of ContentsExamples Granting access by IPBy default, the security rules on MageStack prevent web access to important Magento directories. For example, if you need to access a file via a web browser in ./var/export - you'll see a 403 Forbidden message. Examples Granting access by IP Using some Nginx rules, its possible to permit … Continue reading

Embedded variables

Table of ContentsVariables Environment Magento Specific MageStack Environment Caching Access & Security ContentMageStack features a number of built in Nginx variables to control different behaviours, be it caching, security settings and much more. Some options can be changed to adjust response headers or request processing whilst others are read only. Variables Environment Nginx Variable Read … Continue reading

Implementing Vary:User-Agent

MageStack natively supports the Vary: User-Agent header, however, as it isn't a setting applicable to all stores, it is disabled by default. To enable the User-Agent vary header, you only need to set a single variable in your vhosts configuration, Edit your ___general/ (where is your chosen domain), and add set $magestack_vary_user_agent true; Then … Continue reading

Rate Limiting Requests

Table of ContentsOptions Enabling Custom Rate Limiter Examples Rate limit AJAX search to 1 request per 10 seconds Rate limit AJAX search to 1 request per 10 seconds, but whitelist given IPs Rate limit AJAX search to 1 request per 10 seconds, but only for specific country codes and whitelist given IPs Rate limit account … Continue reading

Altering Static File Handling

Table of ContentsExamplesMageStack treats dynamic content different to static content, Eg. Different HTTP timeouts Different caching rules Different DOS rules etc. Static files by default are defined here To override the default behavior of a 404 error on non-existent static content (eg. for Magento downloadable content), you can either add a location directive, or add … Continue reading

Rate Limiting API Requests

Table of ContentsOptions Enabling API Rate Limiter Examples Rate limit API to 1 request per 10 seconds Conditionally Rate limit by IP to 1 request per 10 seconds Conditionally Rate limit by user agent to 1 request per 10 secondsThe Magento API is most commonly used when a store is integrated with a 3rd party … Continue reading

Implementing If-Modified-Since

Table of ContentsAdvanced Configuration Easy Configuration NotesFor static content, the expires headers are set by default in MageStack. They can be overridden using either the native Nginx expires directive, or the more powerful $magestack_cache_lifetime (see Controlling Varnish cacheable content. For dynamic content, this is not so consistent, as Nginx will not set any expires directives, … Continue reading

Redirect all content from HTTP to HTTPS

If you want to ensure that every page on your site is served over HTTPS, you should add the following rewrite rules, replace with your SSL enabled domain In ___general/, # Redirect all content to HTTPS set $redirect "0"; if ($host ~* "^(www\.)?$") { set $redirect "go"; } if ($my_http = http) { set … Continue reading

Pre-Defined Server Variables

Table of ContentsVariablesMageStack has a number of predefined server variables ($_SERVER) that you can utilise for adding additional functionality, debugging or logging. A key benefit is that we accelerate some functionality in the OS itself, such as GeoIP lookups; which means the overhead of PHP classes or the PHP Extension for GeoIP isn't required for … Continue reading