Wordpress multisite + SSL

Giulio Loffreda giulio at loffreda.com.br
Fri Apr 6 17:40:21 UTC 2018


I have one wordpress multisite with subdomain being served by Nginx.

We have the main domain, lets call domain.com.
We use custom domains for customer site lets say customerone.com, customertwo.com… with correspondent subdomain on WP, as customerone.domain.com, customertwo.domain.com.

Everything works fine with the configuration at the end of this email.

However, now we want to secure some custom domains for example https://customerone.com.

For one secured domain, it works fine. I can use some plugin to force HTTPS on WP and insert certificate on top of nginx configuration.

The problem is when I have more than one domain to secure.

I tried to insert more than one ssl_certificate on top to secure base domain (domain.com) and its subdomains. Doesn’t work.
Then i search for some configuration to check domain and load the right certificate, couldn’t find.

Can someone help us to configure our server to work with non-ssl + ssl and Wordpress multisite subdomain ?

Thank you

map $http_host $blogid {
    default       -999;

server {
    server_name domain.com *.domain.com ;

    root /var/www/html/portal;
    index index.php;

    access_log /var/log/nginx/domain.access.log combined;
    error_log /var/log/nginx/domain.error.log;

    location / {
        try_files $uri $uri/ /index.php?$args ;

    #WPMU Files
        location ~ \.php$ {
                autoindex on;
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
               # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-fpm:
                #fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                client_max_body_size       100M;
                proxy_connect_timeout      180;
                proxy_send_timeout         180;
                proxy_read_timeout         180;
        location ~ ^/files/(.*)$ {
                try_files /wp-content/blogs.dir/$blogid/$uri /wp-includes/ms-files.php?file=$1 ;
                access_log off; log_not_found off;      expires max;

    #WPMU x-sendfile to avoid php readfile()
    location ^~ /blogs.dir {
        alias /home/portal/wp-content/blogs.dir;
        access_log off;     log_not_found off;      expires max;

    #add some rules for static content expiry-headers here
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180406/3fc51dca/attachment-0001.html>

More information about the nginx mailing list