nginx_host

1. server {
2. listen 80;
3. server_name new2.fenshui.center;
4. root /home/fenshc_u/www/new2.fenshui.center;
5.  
6. set $pool_name new2.fenshui.center;
7.  
8. access_log /home/fenshc_u/www/logs/nginx.new2.fenshui.center.access.log main;
9. error_log /home/fenshc_u/www/logs/nginx.new2.fenshui.center.error.log;
10.  
11. client_max_body_size 100m;
12.  
13. location / {
14. index index.php;
15. try_files $uri $uri/ @wordpress;
16. }
17. location @wordpress {
18. rewrite "^/(.*)$" "/index.php?q=$1" last;
19. }
20.  
21. location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
22. rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
23. rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
24. rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
25. rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;
26. }
27.  
28. location ~* ^.+.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
29. access_log off; log_not_found off; expires max;
30. }
31.  
32. location ~ \.php$ {
33. fastcgi_pass unix:/run/php/php7.0-fpm.$pool_name.sock;
34. fastcgi_index index.php;
35. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
36. include fastcgi_params;
37. }
38.  
39. location ~* "^/(wp-config.php)((/.*)?)$" {
40. deny all;
41. return 404;
42. }
43. location ~* /((wp-config|plugin_upload|xmlrpc).php|(readme|license|changelog).(html|txt|md)|(debug|access|error)(.|_)log)$ {
44. return 444;
45. }
46. location ~* /.*((wp-config|xmlrpc).*(php(_bak|~|#)|txt|old|bak|save|orig(|inal)|swp|swo)).*$ {
47. return 444;
48. }
49. if ($query_string ~* "^(.*)(wp-config.php|dl-skin.php|xmlrpc.php|uploadify.php|admin-ajax.php|local.xml)(.*)$") {
50. return 444;
51. }
52. if ($request_uri ~* "^(.*)(wp-config.php|xmlrpc.php)(.*)$") {
53. return 444;
54. }
55. if ($query_string ~* "(concat.*\(|union.*select.*\(|union.*all.*select)") {
56. return 444;
57. }
58. if ($request_uri ~* "(concat.*\(|union.*select.*\(|union.*all.*select)") {
59. return 444;
60. }
61. if ($query_string ~* "author=[0-9]") {return 301 $scheme://$host/;}
62. if ($request_uri ~* "author=[0-9]") {return 301 $scheme://$host/;}
63. location ~* /(?:uploads|files)/.*\.(php|cgi|py|pl)$ {return 444;}
64. location ~* /(wp|page)/.*wp-.*/.*$ {return 444;}
65. location = /wp-includes/css/buttons-rtl.css {
66. if ($http_referer !~* "/wp-admin") {return 404;}
67. }
68. location = /wp-includes/js/tinymce/wp-tinymce.js.gz {
69. if ($http_referer !~* "/wp-admin") {return 404;}
70. }
71. #location = /robots.txt {if ($http_referer != "") {return 404;}}
72. location = /wp-content/ {return 404;}
73. location = /wp-includes/ {return 404;}
74. location = /wp-content/plugins/ {return 404;}
75. location = /wp-content/uploads/ {return 404;}
76. location = /wp-content/themes/ {return 404;}
77. location = /wp-content/languages/ {return 404;}
78. location = /wp-content/languages/plugins/ {return 404;}
79. location = /wp-content/languages/themes/ {return 404;}
80. location ~* /wp-content/plugins/([0-9a-z\-_]+)(/|$) {return 404;}
81. location ~ /wp-content/languages/(.+)\.(po|mo)$ {return 404;}
82. if ($http_user_agent ~* (nmap|nikto|wikto|sf|sqlmap|bsqlbf|w3af|acunetix|havij|appscan|nic.ru|monitoring|virusdie|indy|python|wpscan)) {return 403;} #semalt|php|perl
83. #if ($http_user_agent ~ ^(|-|_)$) {return 403;}
84. location = /nginx.conf { deny all; }
85.  
86. }