Pre-configured environment for PHP-FPM + Nginx with Docker using alpine images.
git clone https://github.com/gustavonovaes/docker-php7-nginx-alpine.git
cd docker-php7-nginx-alpine
docker-compose up
git clone https://github.com/gustavonovaes/docker-php7-nginx-alpine.git
cd docker-php7-nginx-alpine
docker-compose -f docker-compose.prod.yml up
- Composer
- XDebug (only dev)
- Redis
- Postgres
- Opcache (only prod)
- PHP-FPM optimizations
- PHP security
- PHP GD: FreeType, JPG, PNG, GIF, WEBP
- PHP ImageMagick 6
- Mysql
- Zip
- Calendar
- Socket
- Requests limit per second and address
- Loading balancing for PHP-FPM
- Cache
- Security Headers
- Optimizations
This configuration applies to a 2 GB RAM machine where 1.5G is dedicated to php-fpm.
php-fpm.conf and www.conf:
- process timeout
- emergency restart threshold/interval
- idle timeout
- max children and servers
Configs in custom.ini and custom.prod.ini for set possible restrictions:
- memory limit
- max execution time
- upload limits: max filesize, max files
- input data restrictions: max post size, max input time, max input vars, input nesting level
- Opcache definitions
- Security Cookies: domains, HTTPS
- General Security: url open/include, disabled_functions
- max requests per second or IP zones
- timeouts: keepalive_timeout, fastcgi_read_timeout
- client_max_body_size (should be at least the same of upload_max_filesize/post_max_size)
- Security headers: Content-Security-Policy, X-XSS-Protection, X-Content-Type-Options, X-Frame-Options
The Nginx and PHP-FPM logs are stored in /var/log
.
A php.ini scanner for best security practices (psecio/iniscan)
Tuning dynamic php-fpm settings (cmorrell.com/php-fpm)
Maximizing PHP 7 Performance with NGINX, Part 1: Web Serving and Caching
Maximizing PHP 7 Performance with NGINX, Part 2: Multiple Servers and Load Balancing