diff --git a/roles/nginx/files/fastcgi_cache b/roles/nginx/files/fastcgi_cache
new file mode 100644
index 0000000..a6b352b
--- /dev/null
+++ b/roles/nginx/files/fastcgi_cache
@@ -0,0 +1,4 @@
+fastcgi_cache_key $scheme$host$request_uri;
+# According to the docs, a 1m key zone can store ~8,000 keys, so 10m should
+# be enough. See: http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html
+fastcgi_cache_path /var/cache/nginx/cached/fastcgi levels=2:2 keys_zone=global:10m inactive=60m max_size=1G;
diff --git a/roles/nginx/files/nginx.conf b/roles/nginx/files/nginx.conf
index ff0346a..35a1061 100644
--- a/roles/nginx/files/nginx.conf
+++ b/roles/nginx/files/nginx.conf
@@ -37,5 +37,6 @@ http {
 
     client_max_body_size 12m;
 
+    include fastcgi_cache;
     include /etc/nginx/conf.d/*.conf;
 }
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 416d3b7..c88576b 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -15,6 +15,7 @@
   copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
   with_items:
     - extra-security.conf
+    - fastcgi_cache
     - nginx.conf
   notify:
     - reload nginx
diff --git a/roles/nginx/templates/vhost.conf.j2 b/roles/nginx/templates/vhost.conf.j2
index ee4e6a3..a46be17 100644
--- a/roles/nginx/templates/vhost.conf.j2
+++ b/roles/nginx/templates/vhost.conf.j2
@@ -59,7 +59,29 @@ server {
         # set script path relative to document root in server block
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;
+
+        fastcgi_cache global;
+        fastcgi_cache_valid any 1h;
+        # Allow use of stale entries if the cache is updating
+        fastcgi_cache_use_stale updating;
+        # Set X-Fastcgi-Cache header to "HIT", "MISS", "BYPASS", etc
+        add_header X-Fastcgi-Cache $upstream_cache_status;
+        # Don't cache when user shift-refreshes (Pragma: no-cache) or when a user is logged in!
+        fastcgi_cache_bypass $http_pragma $logged_in;
+        fastcgi_no_cache $http_pragma $logged_in;
     }
 
     include extra-security.conf;
 }
+
+# Check if a user is logged in
+# if so, set $logged_in = 1
+# otherwise, set $logged_in = 0
+# See: http://jeradbitner.com/2012/02/nginx-do-not-cache-logged-in-drupal-or-wordpress-users/
+# See: http://syshero.org/post/50053543196/disable-nginx-cache-based-on-cookies
+# See nginx bug: http://trac.nginx.org/nginx/ticket/707
+map $http_cookie $logged_in {
+    default 0;
+
+    ~wordpress_logged_in 1;
+}