Virtualmin, Nginx and Wordpress

I'm having an issue getting WordPress to work properly. I'm using Nginx and PHP7 on Ubuntu 16.04. The issue, I think are rewrites as mentioned in this forum post

Example: should redirect to but instead I get a 404 Nginx error.

Permalinks in general do not work correctly:

I have searched for a solution on the forum but there are no posts that match my specific stack nor issue on that stack. There are many articles discussing the merits of PHP-FPM / PHP CGI and FastCGI but I don't know the difference as to which is better and / or the cause of problems. What I do know is that I'm running Ubuntu 16.04 and as far as I know, PHP-FPM is installed by default with PHP 7.

Perhaps there is a simple and quick tweak I have failed to apply in some or other configuration file? The initial forum post I mentioned above was posted in 2012, so I'm sure the good folks at Virtualmin have already solved that issue.

A slightly more philosophical question motivated by the wise words of @Joe would be whether a marriage of Nginx and Wordpress, housed in a beautiful Virtualmin home, is really the stuff of a long lasting, happy marriage... or is divorce inevitable and only a matter of time for an ugly split? Nginx just seems too demanding on sacrifices Wordpress is expected to make and as we all know, marriage is two-way street. What are the real benefits for WordPress using Nginx? And are the benefits of Nginx really worth the hassle of having latent issues with plugins etc?

My intention for this VPS is to host Woocomerce stores for my clients. I fear I might be setting myself up for a lot of pain down the line.



Hi Mostafa

Yep, I figured as much. I'm looking for a fix when the server is created though, so those rewrite rules need to be applied when the server is created.

That's a LOT of configuration info! I too am trying to migrate a Wordpress site to Virtualmin.

I am migrating it from a linux vps that ran nginx + mysql, and the config worked with a helluva lot less code than what you linked to above.

I will be the first to admit that the nginx config I used (see below) was far from perfect. I suspect the primary problem now has to do with the rewrite rules, as phpinfo works and I can login to the database. There are no errors in the log file. I copied the rewrite rule from my config below into the one on the Virtualmin server but I still get the 404 errors. The /etc/nginx/nginx.conf is very basic, and there is nothing in the /etc/nginx/conf.d folder.

# This is the config for unsecure and php websites on original nginx web server
server {
    listen myIP:80;

    root /usr/share/nginx/html;
    index index.php index.html index.htm;

    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;

    # Immediately drop all xmlrpc requests, a common attack vector for Wordpress sites
    # This doesn't appear to work; no entries in the log file, tho plenty of requests for xmlrpc
    location ~ /xmlrpc.php.*$ {
         error_log /var/log/nginx/xmlrpc.log info;
         return 444;

    # Teminate connection immediately and do not log requests from these blacklist IP addresses
    if ($remote_addr ~* ^(191.96.249||||||$ ) {
        return 444;

    # Let Wordpress handle all 404 errors
    location / {
try_files $uri $uri/ /index.php?$args;
# try_files $uri $uri/ =404;

    # Add trailing slash to */wp-admin requests.
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;

    # Pass all other .php files onto a php-fpm/php-fcgi server.
    location ~ \.php$ {
        include fastcgi_params;

        # Zero-day exploit defense.
        # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine.  And then cross your fingers that you won't get hacked.
        try_files $uri =404;

# Ifs inside of location are risky, but try_files also has a bug that messes with regexp processing. What to do?
#        i f (!-f $document_root$fastcgi_script_name) {
#            return 404;
#        }

        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        access_log /var/log/nginx/oneAccess.log;
        error_log /var/log/nginx/oneError.log;

    location /nginx_status {
         stub_status on;
         deny all;

    location ~ /\. {
         log_not_found off;
         deny all;