API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 20th, 2014
51
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.28 KB | None | 0 0
raw download clone embed print report
  1. location = /favicon.ico {
  2. log_not_found off;
  3. access_log off;
  4. }
  5.  
  6. location = /robots.txt {
  7. allow all;
  8. log_not_found off;
  9. access_log off;
  10. }
  11.  
  12. # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
  13. location ~ /. {
  14. deny all;
  15. access_log off;
  16. log_not_found off;
  17. }
  18.  
  19. # Deny access to any files with a .php extension in the uploads directory
  20. location ~* ^/wp-content/uploads/.*.php$ {
  21. deny all;
  22. access_log off;
  23. log_not_found off;
  24. }
  25.  
  26. # Deny access to any files with a .php extension in the uploads directory for multisite
  27. location ~* /files/(.*).php$ {
  28. deny all;
  29. access_log off;
  30. log_not_found off;
  31. }
  32.  
  33. # WordPress single blog rules.
  34. # Designed to be included in any server {} block.
  35.  
  36. # This order might seem weird - this is attempted to match last if rules below fail.
  37.  
  38. # http://wiki.nginx.org/HttpCoreModule
  39. location / {
  40. try_files $uri $uri/ /index.php?$args;
  41. }
  42.  
  43. # Add trailing slash to */wp-admin requests.
  44. rewrite /wp-admin$ $scheme://$host$uri/ permanent;
  45.  
  46. # Directives to send expires headers and turn off 404 error logging.
  47. location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
  48. expires 24h;
  49. log_not_found off;
  50. }
  51.  
  52. # Uncomment one of the lines below for the appropriate caching plugin (if used).
  53. #include global/wordpress-wp-super-cache.conf;
  54. #include global/wordpress-w3-total-cache.conf;
  55.  
  56. # Pass all .php files onto a php-fpm/php-fcgi server.
  57. location ~ .php$ {
  58. # Zero-day exploit defense.
  59. # http://forum.nginx.org/read.php?2,88845,page=3
  60. # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
  61. # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won'
  62. t get hacked.
  63. try_files $uri =404;
  64.  
  65. fastcgi_split_path_info ^(.+.php)(/.+)$;
  66. #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
  67.  
  68. include fastcgi_params;
  69. fastcgi_index index.php;
  70. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  71. fastcgi_intercept_errors on;
  72. fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
  73. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!