API tools faq
paste
Advertisement
Guest User

Conf

a guest
Feb 6th, 2014
608
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.13 KB | None | 0 0
raw download clone embed print report
  1. # Common root location
  2. #  location / {
  3. #    This try_files directive is used to enable pretty, SEO-friendly URLs
  4. #    and permalinks for Wordpress. Leave it *off* to start with, and then
  5. #    turn it on once you've gotten Wordpress configured!
  6. #    try_files $uri $uri/ /index.php?$args;
  7. #  }
  8.  
  9. #    This location pevents any requests for the Wordpress admin interface
  10. #    from being accepted if those requests don't come from your LAN. This
  11. #    is optional but recommended.
  12. #  location ~* wp-admin {
  13. #      try_files $uri $uri/ =404;
  14. #      allow 192.168.1.0/24;
  15. #      allow 127.0.0.1;
  16. #      deny all;
  17. #  }
  18.  
  19. #    Show "Not Found" 404 errors in place of "Forbidden" 403 errors, because
  20. #    forbidden errors allow attackers potential insight into your server's
  21. #    layout and contents
  22.  error_page 403 =404;
  23.  
  24. #    Prevent access to any files starting with a dot, like .htaccess
  25. #    or text editor temp files
  26.  location ~ /\. { access_log off; log_not_found off; deny all; }
  27.  
  28. #    Prevent access to any files starting with a $ (usually temp files)
  29.  location ~ ~$ { access_log off; log_not_found off; deny all; }
  30.  
  31. #    Common deny or internal locations, to help prevent access to areas of
  32. #    the site that should not be public
  33.  location ~* wp-admin/includes { deny all; }
  34.   location ~* wp-includes/theme-compat/ { deny all; }
  35.   location ~* wp-includes/js/tinymce/langs/.*\.php { deny all; }
  36.   location /wp-content/ { internal; }
  37.   location /wp-includes/ { internal; }
  38. #    The next line protects the wp-config.php file from being accessed, but
  39. #    we need to be able to run the file for the initial site setup. Uncomment
  40. #    the next line after setup is completed and reload Nginx.
  41.    location ~* wp-config.php { deny all; }
  42.  
  43. #    Prevent any potentially-executable files in the uploads directory from
  44. #    being executed by forcing their MIME type to text/plain
  45.  location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php)$ {
  46.       types { }
  47.       default_type text/plain;
  48.   }
  49.  
  50. #    Add trailing slash to */wp-admin requests so the admin interface
  51. #    works correctly
  52.  rewrite /wp-admin$ $scheme://$host$uri/ permanent;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!