File: //etc/nginx/sites-enabled_24/dreamstour-wp.conf
server {
listen 443 ssl;
server_name dreamstour-wp.dreamstechnologies.com;
root /mnt/data/dreamstour-wp;
index index.php index.html index.htm;
ssl_certificate /etc/nginx/ssl/stardreams.pem;
ssl_certificate_key /etc/nginx/ssl/stardreams.key;
# -------------------------------
# Security headers
# -------------------------------
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=86400; includeSubDomains";
# -------------------------------
# TIMEOUT SETTINGS (504 FIX)
# -------------------------------
client_header_timeout 300s;
client_body_timeout 300s;
send_timeout 300s;
# FastCGI timeouts (critical for PHP-FPM)
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
# Optional buffer settings for heavy payloads
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
# -------------------------------
# PHP-FPM configuration
# -------------------------------
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
# Ensure PHP inherits same timeout policy
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
}
# -------------------------------
# Security restrictions
# -------------------------------
location ~ /\.(env|ini|log|sh|sql)$ {
deny all;
}
location ~ /\.git {
deny all;
}
# -------------------------------
# General routing
# -------------------------------
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# -------------------------------
# Logging
# -------------------------------
error_log /var/log/nginx/dreamstour-wp_error.log;
access_log /var/log/nginx/dreamstour-wp_access.log combined;
}