Reverse proxy is caching php pages?

nano nginx-forum at
Fri Aug 31 11:32:49 UTC 2012

I setup a reverse proxy on my forum and everything is working okay. (I

http {
    proxy_cache_path              /usr/local/nginx/cache  levels=1:2
keys_zone=STATIC:10m inactive=24h max_size=1g;
  server {
        listen                    80;
       #listen                    [::]:80 ipv6only=on;
        return                    301 https://$host$request_uri;

    server {
        listen           ssl spdy;
       #listen                    [::]:443 ipv6only=on ssl;

        server_name     ;

        ssl                       on;
        ssl_session_cache         shared:SSL:10m;
        ssl_session_timeout       10m;
        ssl_protocols             SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_certificate           /usr/local/nginx/ssl/server.pem;
        ssl_certificate_key       /usr/local/nginx/ssl/ssl.key;
        ssl_ecdh_curve            secp521r1;

        keepalive_timeout         300;

        add_header Strict-Transport-Security "max-age=7776000;

        error_page 502 504         /offline.html;

        location / {
            proxy_pass   ;
            proxy_set_header       Host xxx.yyy;
            proxy_set_header       CF-Connecting-IP $remote_addr;
            proxy_set_header       X-Forwarded-Proto https;
            proxy_cache            STATIC;
            proxy_cache_valid      200  7d;
            proxy_cache_use_stale  error timeout invalid_header updating
http_500 http_502 http_503 http_504;

        location = /offline.html {
            root html;

[small note: Do I really even need ssl_ecdh_curve? fine without? I can't
find documentation on it so idk why I'm using it]

Config on my main site:

  server {
        listen [::]:80 ipv6only=on; # listen for IPv6 only traffic on IPv6
        listen 80; # listen also for IPv4 traffic on "regular" IPv4 sockets

        server_name  xxx.yyy;

        client_max_body_size 30M; #for large file uploads

        access_log  /home/web/logs/access.log  main;
        error_log /home/web/logs/error.log;
        root   /home/web/site;

        error_page  404 403    /404.html;

        location ~ /\.ht {
            deny   all;
            return 404;

        location ~ /(addons|data|attachments) {
            deny   all;
            return 404;

        location ~ \.php$ {
            try_files          $uri = 404;
            fastcgi_pass       unix:/tmp/php-fpm.sock;
            fastcgi_index      index.php;
            fastcgi_param      SCRIPT_FILENAME 
            include            fastcgi_params;

        location ~ \.(?:ico|css|js|gif|jpe?g|png)$ {
            expires         90d;
            add_header      Cache-Control public;

        location ~ \.(?:html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$ {
            expires 180s;
            add_header Cache-Control "public, must-revalidate";

When I have scripts that should not be cached they get cached. For example
if I have a script that displays my IP address, visiting that page on the
reverse proxy it gets cached and is publicly viewable to everyone. How can I
prevent the reverse proxy from caching PHP pages or pages ending in .php?

Posted at Nginx Forum:,230385,230385#msg-230385

More information about the nginx mailing list