博客开通以来,主要记录学习和使用过程中遇到的问题及解决方案。文章风格偏向自娱自乐,因此访问量较少,一台1核1G的vps足以支撑网站的正常运行。
后来本站引入三个页面,这三个页面应该对有上外网需求的网友很有帮助,也给本站带来了很大的流量。本站用的WordPress程序,尝试过安装各种缓存插件(super cache, w3 total cache等)加速运行,但是低配的vps依然难以支持这么大的访问量。通过日志可以看到随着访问量的增加,php-fpm进程增多,Mysql的连接和线程增多,接着出现OOM,然后系统kill掉占用内存最大的Mysql进程,于是网站进入503宕机模式。
买更好的vps能解决访问量大的问题,但是要花更多的钱。做为一个技术宅,首先想到的当然是如何榨干现有机器来支撑大流量。做过的尝试包括切换到比WordPress性能更好的Ghost,参考:尝试Ghost 。但是相对于WordPress,Ghost的生态远没有那么成熟,最终放弃了。
左思右想下,终极解决办法是用Nginx缓存,最初的文章可参考:Nginx配置fastcgi cache。fastcgi_cache的好处是大部分用户的请求不用后端php-fpm打交道,直接发送缓存的静态页面,速度上甩各种WordPress插件好几条街!相比之下wordpress的各种插件还要执行php,也避免不了访问数据库,弱爆了!
自从使用了nginx缓存,网站平稳运行,再也没有出现过宕机的现象。同时vps的cpu和内存占用率直线下降,再也无需担心vps的配置问题,感觉再来10倍流量博客也撑得住!
因为nginx稳如狗的体验,所以现在对于博客类读多写少的产品都是强推nginx缓存(fastcgi缓存或者proxy缓存)。鉴于可能帮到一些网友,现贴出 /etc/nginx/nginx.conf 配置文件供网友参考(包含ssl设置和gzip部分):
# 文件: /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time"';
access_log /var/log/nginx/access.log main buffer=32k flush=30s;
server_tokens off;
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# ssl配置
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
add_header Strict-Transport-Security "max-age=63072000; preload";
#add_header X-Frame-Options DENY;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
# 请按照自己的需求更改
fastcgi_cache_path /var/cache/nginx/tlanyan levels=1:2 keys_zone=tlanyan:10m inactive=30m use_temp_path=off;
fastcgi_cache_key $request_method$scheme$host$request_uri;
# note: can also use HTTP headers to form the cache key, e.g.
#fastcgi_cache_key $scheme$request_method$host$request_uri$http_x_custom_header;
#fastcgi_cache_lock on;
fastcgi_cache_use_stale error timeout invalid_header updating http_500;
fastcgi_cache_valid 200 301 302 10h;
fastcgi_cache_valid 404 10m;
fastcgi_ignore_headers Expires Set-Cookie Vary;
# gzip 配置
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 7;
gzip_types
text/css
text/plain
text/javascript
application/javascript
application/json
application/x-javascript
application/xml
application/xml+rss
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon
application/rss+xml
application/atom_xml
image/jpeg
image/gif
image/png
image/icon
image/bmp
image/jpg;
gzip_vary on;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
}
及用于WordPress站点的网站配置文件(/etc/nginx/conf.d/tlanyan.conf):
server {
listen 80;
listen [::]:80;
server_name www.wpon.cn wpon.cn; # 请换成自己的域名
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.wpon.cn wpon.cn; # 请换成自己的域名
charset utf-8;
ssl_certificate /etc/nginx/conf.d/wpon.pem; # 请换成自己的证书和密钥
ssl_certificate_key /etc/nginx/conf.d/tlanyan.key;
set $host_path "/var/www/wpon"; # 请改成自己的路径
access_log /var/log/nginx/tlanyan.access.log main buffer=32k flush=30s;
error_log /var/log/nginx/tlanyan.error.log;
root $host_path;
# 缓存标记
set $skip_cache 0;
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# 登录用户或发表评论者
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location = / {
index index.php index.html;
try_files /index.php?$args /index.php?$args;
}
location / {
index index.php index.html;
try_files $uri $uri/ /index.php?$args;
}
location ~ ^/\.user\.ini {
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_cache tlanyan;
fastcgi_cache_valid 200 301 302 30m;
fastcgi_cache_valid 404 10m;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache_lock on;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar|jpeg)$ {
expires max;
access_log off;
try_files $uri =404;
}
}
上述配置对最新版的Nginx测试有效,详细配置指令请参考Nginx官方文档。
更多WordPress技术文章,请访问WordPress栏目!