daily pastebin goal
59%
SHARE
TWEET

Conf

a guest Feb 6th, 2014 287 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Common root location
  2. #  location / {
  3. #    This try_files directive is used to enable pretty, SEO-friendly URLs
  4. #    and permalinks for Wordpress. Leave it *off* to start with, and then
  5. #    turn it on once you've gotten Wordpress configured!
  6. #    try_files $uri $uri/ /index.php?$args;
  7. #  }
  8.  
  9. #    This location pevents any requests for the Wordpress admin interface
  10. #    from being accepted if those requests don't come from your LAN. This
  11. #    is optional but recommended.
  12. #  location ~* wp-admin {
  13. #      try_files $uri $uri/ =404;
  14. #      allow 192.168.1.0/24;
  15. #      allow 127.0.0.1;
  16. #      deny all;
  17. #  }
  18.  
  19. #    Show "Not Found" 404 errors in place of "Forbidden" 403 errors, because
  20. #    forbidden errors allow attackers potential insight into your server's
  21. #    layout and contents
  22.  error_page 403 =404;
  23.  
  24. #    Prevent access to any files starting with a dot, like .htaccess
  25. #    or text editor temp files
  26.  location ~ /\. { access_log off; log_not_found off; deny all; }
  27.  
  28. #    Prevent access to any files starting with a $ (usually temp files)
  29.  location ~ ~$ { access_log off; log_not_found off; deny all; }
  30.  
  31. #    Common deny or internal locations, to help prevent access to areas of
  32. #    the site that should not be public
  33.  location ~* wp-admin/includes { deny all; }
  34.   location ~* wp-includes/theme-compat/ { deny all; }
  35.   location ~* wp-includes/js/tinymce/langs/.*\.php { deny all; }
  36.   location /wp-content/ { internal; }
  37.   location /wp-includes/ { internal; }
  38. #    The next line protects the wp-config.php file from being accessed, but
  39. #    we need to be able to run the file for the initial site setup. Uncomment
  40. #    the next line after setup is completed and reload Nginx.
  41.    location ~* wp-config.php { deny all; }
  42.  
  43. #    Prevent any potentially-executable files in the uploads directory from
  44. #    being executed by forcing their MIME type to text/plain
  45.  location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php)$ {
  46.       types { }
  47.       default_type text/plain;
  48.   }
  49.  
  50. #    Add trailing slash to */wp-admin requests so the admin interface
  51. #    works correctly
  52.  rewrite /wp-admin$ $scheme://$host$uri/ permanent;
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top