You are here
Basil Kurian - Fri, 2010/08/13 - 06:30
According to Netcrafts' report , Nginx in powering wordpress.com
http://uptime.netcraft.com/up/graph?site=wordpress.com
admin username : admin ; admin password : admin
The wp-config.php file is tweaked in such a way that , even if the url of the site or ip of the machine changes , the site will be served.
base : Turnkey core lucid
Forum:
Not sure about an Nginx based Wordpress appliance
The trouble with Nginx is that it's harder to configure than Apache. For example, there's no Webmin support for Nginx so any tweaks to the configuration would need to be done by hand.
By comparison, Apache has excellent support in Webmin, there's a ton of excellent documentation and the skills to configure it are wider spread.
Nginx may be running
Nginx may be running WordPress Themes but wordpress.com hosts millions of blogs and is maintained by a highly skilled crew of experts. It's not a "typical" appliance usage scenario. It might be right for them but it doesn't mean it's right for our users.
Webmin nginx module
They have a webmin module for nginx now:
http://www.webmin.com/cgi-bin/search_third.cgi?search=nginx
Thanks for the info
However, my concern is that as it is a "third party module" (so not maintained by Jamie Cameron; the Webmin core dev) there may be security issues. Especially if you pair that with the fact that it hasn't been updated in over 2 years.
So I've reached out to Justin Hoffman (the Nginx module developer) to get some clarification on it's status. I essentially asked him whether it is "unmaintained" or if it's just so awesome it hasn't needed update! :)
.
What i considered earlier was , there may be some advantages in running Wordpress on NginX , than running on Apache that made the Wordpress people move to Nginx (unless they have some hatred towards Apache )
They're probably using nginx as a load balancer
In general Nginx is one of the highest performance web servers out there. For performance you trade off flexibility and ease of use. When you're serving billions of page views squeezing every last bit of performances makes sense.
For smaller sites, it might not...
Insecure Configuration
It looks like the configuration file for the default site has a security risk. The php location block will allow an uploaded file such as /uploads/sample.jpg to be parsed by php. This could result in arbitrary php code execution on the server. The configuration file sample at Wordpress Codex page mentions it and is using `try_files $uri =404;` within the location block as a workaround.
For more information about the vulnerability, you can see these blog posts:
Thanks a lot for the information
Let me go through the configuration files. I was unaware of the security risk
Any updates on nGinx running on turnkey?
I guess I am too impatent, I hear too many good things about nGinx, faster, less RAM, CPU, but there is no control panel for it. it would be nice mr Basil could continue working on this.
check my site at http://www.u-pull-it-junkyard.com and http://www.pick-and-pull.com
I suspect that v12 TKL release will include LEMP appliance
But whether other appliances will also be released running on the LEMP stack I don't know.
BTW I have read that the latest version of Apache is much better - faster, uses less RAM and CPU etc (Apache dev is being pushed to get it to run more efficently by the performance benefits of nGinX from what I gather). Also v12 TKL appliances should be 64 bit I reckon and 64 bit Apache already is much more efficent that 32 bit (acording to performance stats I have seen anyway).
Add new comment