zevilz

nginx_host

Oct 4th, 2017
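  # WordPress virtual host for new2.fenshui.center, executed through PHP-FPM.
  #
  # Ordering matters here: nginx tests regex locations (~ and ~*) in the order
  # they appear and uses the first one that matches. Deny rules aimed at .php
  # files or backup/archive names therefore have to come BEFORE the generic
  # static-file and "\.php$" locations, otherwise they are never reached.
  server {
      # NOTE(review): plain HTTP only. Unless TLS is terminated in front of this
      # server, wp-admin logins and session cookies travel unencrypted - confirm.
      listen 80;
      server_name new2.fenshui.center;
      root /home/fenshc_u/www/new2.fenshui.center;

      # Selects the per-site PHP-FPM socket used in the "\.php$" location.
      set $pool_name new2.fenshui.center;

      # Logs are written next to the web root, not inside it.
      access_log /home/fenshc_u/www/logs/nginx.new2.fenshui.center.access.log main;
      error_log /home/fenshc_u/www/logs/nginx.new2.fenshui.center.error.log;

      # Applies to every location, including unauthenticated ones; lower it if
      # uploads never need 100 MB.
      client_max_body_size 100m;

      # ------------------------------------------------------------------
      # Server-level request filters. These run in the server rewrite phase,
      # before any location is selected, in the order written.
      # ------------------------------------------------------------------

      # Sensitive script names appearing in the query string or request URI.
      # 444 makes nginx close the connection without sending a response.
      if ($query_string ~* "^(.*)(wp-config.php|dl-skin.php|xmlrpc.php|uploadify.php|admin-ajax.php|local.xml)(.*)$") {
          return 444;
      }
      if ($request_uri ~* "^(.*)(wp-config.php|xmlrpc.php)(.*)$") {
          return 444;
      }

      # Coarse SQL-keyword filter. It only reduces scanner noise: it can reject
      # legitimate text and is no replacement for parameterized queries in the
      # application.
      if ($query_string ~* "(concat.*\(|union.*select.*\(|union.*all.*select)") {
          return 444;
      }
      if ($request_uri ~* "(concat.*\(|union.*select.*\(|union.*all.*select)") {
          return 444;
      }

      # Redirect ?author=N lookups to the front page so they do not disclose
      # account names.
      if ($query_string ~* "author=[0-9]") {return 301 $scheme://$host/;}
      if ($request_uri ~* "author=[0-9]") {return 301 $scheme://$host/;}

      # User-Agent blocklist. The header is chosen by the client, so treat this
      # as noise reduction, not access control. Short tokens such as "sf",
      # "indy", "python" and "monitoring" match as substrings and can also
      # reject legitimate clients (API consumers, uptime checks).
      if ($http_user_agent ~* (nmap|nikto|wikto|sf|sqlmap|bsqlbf|w3af|acunetix|havij|appscan|nic.ru|monitoring|virusdie|indy|python|wpscan)) {return 403;} #semalt|php|perl
      #if ($http_user_agent ~ ^(|-|_)$) {return 403;}

      # ------------------------------------------------------------------
      # Front controller
      # ------------------------------------------------------------------
      location / {
          index index.php;
          try_files $uri $uri/ @wordpress;
      }
      location @wordpress {
          rewrite "^/(.*)$" "/index.php?q=$1" last;
      }

      # ------------------------------------------------------------------
      # Deny rules that must win over the static-file and PHP locations below.
      # ------------------------------------------------------------------

      # wp-config.php itself. return answers in the rewrite phase, so no
      # access-phase "deny" is needed in this block.
      location ~* "^/(wp-config.php)((/.*)?)$" {
          return 404;
      }
      # Sensitive scripts, version-revealing docs and stray log files.
      location ~* /((wp-config|plugin_upload|xmlrpc).php|(readme|license|changelog).(html|txt|md)|(debug|access|error)(.|_)log)$ {
          return 444;
      }
      # Editor backups and copies of wp-config / xmlrpc. Placed before the
      # static-file location so a copy ending in an archive extension is not
      # served as a download.
      location ~* /.*((wp-config|xmlrpc).*(php(_bak|~|#)|txt|old|bak|save|orig(|inal)|swp|swo)).*$ {
          return 444;
      }
      # Never execute scripts from upload directories. This has to precede
      # "location ~ \.php$", which would otherwise match first and pass the
      # uploaded file to PHP-FPM.
      location ~* /(?:uploads|files)/.*\.(php|cgi|py|pl)$ {return 444;}

      # ------------------------------------------------------------------
      # Sitemaps
      # ------------------------------------------------------------------
      # NOTE(review): this location matches only URIs ending in .xml or .xsl,
      # so the .xml.gz / .html / .html.gz rewrites below look unreachable from
      # here - confirm against the sitemap plugin in use.
      location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
          rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
          rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
          rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
          rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;
      }

      # ------------------------------------------------------------------
      # Static assets
      # ------------------------------------------------------------------
      # The dot before the extension list is escaped so that only real file
      # extensions match; unescaped, a permalink that merely ends in "css" or
      # "js" would land here and never reach WordPress.
      location ~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
          access_log off; log_not_found off; expires max;
      }

      # ------------------------------------------------------------------
      # PHP execution
      # ------------------------------------------------------------------
      location ~ \.php$ {
          # Pass only scripts that exist on disk to PHP-FPM; a URI that merely
          # ends in ".php" is answered with 404 by nginx itself.
          try_files $uri =404;
          fastcgi_pass unix:/run/php/php7.0-fpm.$pool_name.sock;
          fastcgi_index index.php;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          include fastcgi_params;
      }

      # Probe-style paths such as /wp/.../wp-*/...
      location ~* /(wp|page)/.*wp-.*/.*$ {return 444;}

      # ------------------------------------------------------------------
      # Admin-only assets, gated on the Referer header. Referer is supplied by
      # the client, so this hides the files from casual fingerprinting only.
      # ------------------------------------------------------------------
      location = /wp-includes/css/buttons-rtl.css {
          if ($http_referer !~* "/wp-admin") {return 404;}
      }
      location = /wp-includes/js/tinymce/wp-tinymce.js.gz {
          if ($http_referer !~* "/wp-admin") {return 404;}
      }
      #location = /robots.txt {if ($http_referer != "") {return 404;}}

      # ------------------------------------------------------------------
      # Hide directory roots and translation files
      # ------------------------------------------------------------------
      location = /wp-content/ {return 404;}
      location = /wp-includes/ {return 404;}
      location = /wp-content/plugins/ {return 404;}
      location = /wp-content/uploads/ {return 404;}
      location = /wp-content/themes/ {return 404;}
      location = /wp-content/languages/ {return 404;}
      location = /wp-content/languages/plugins/ {return 404;}
      location = /wp-content/languages/themes/ {return 404;}
      # Must stay AFTER the static-file and PHP locations: placed earlier it
      # would also answer 404 for every plugin's CSS, JS and images.
      location ~* /wp-content/plugins/([0-9a-z\-_]+)(/|$) {return 404;}
      location ~ /wp-content/languages/(.+)\.(po|mo)$ {return 404;}

      # Keep a config file dropped into the web root from being downloaded.
      location = /nginx.conf { deny all; }

  }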