@herdianf
Created July 31, 2019 08:08
Nginx for Wordpress
#php.conf
fastcgi_split_path_info ^(.+\.php)(.*)$;
try_files $uri $fastcgi_script_name =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param HTTP_PROXY "";
include fastcgi.conf;
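# Alternative socket path. nginx rejects a second fastcgi_pass in the same context, so enable only one.
#fastcgi_pass unix:/run/php/php7.2-fpm.sock;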
# HTTP Password if required
#location ~* /(wp-login\.php) {
# limit_req zone=xwplogin burst=1 nodelay;
# auth_basic "Authorization Required";
# auth_basic_user_file /etc/nginx/conf/htpasswd;
# include /etc/nginx/php.conf;
#}
#location ~* /wp-admin/.*\.php$ {
# auth_basic "Authorization Required";
# auth_basic_user_file /usr/local/nginx/conf/htpasswd;
# include /etc/nginx/php.conf;
#}
# admin ajax needed
location ~ ^/wp-admin/admin-ajax\.php$ { allow all; include /etc/nginx/php.conf; }
#block access to wp-content
location ~* ^/wp-content/.*?\.(zip|gz|tar|bzip2|7z)$ { deny all; }
location ~ ^/wp-content/uploads/sucuri { deny all; }
location ~ ^/wp-content/updraft { deny all; }
location ~* /wp-content/uploads/nginx-helper/ { deny all; }
#no php on uploads/files
location ~* /(?:uploads|files)/.*\.(php|htm|html|shtml|js|css|swf)$ { deny all; }
location ~* /(wp-content|wp-includes)/.*\.php$ { deny all; }
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { return 404; }
#nocgi
location ~* \.(pl|cgi|py|sh|lua)$ { return 444; }
#disallow
location ~* (w00tw00t) { return 444; }
location ~* /(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt|readme\.html|license\.txt) { deny all; }
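
Added example (not part of the gist): nginx tries regex locations in file order and stops at the first match, so the rules above can be checked offline. This Python sketch runs the patterns, with `$` as the end anchor, against constructed request paths and shows that an anchor written as `\$` only matches a literal dollar sign. The names `RULES`, `ESCAPED`, `SAMPLES` and `decide` are assumptions made for illustration.

```python
import re

# Regex locations from the config above, in file order (end anchor written as
# a plain "$"). "~*" is case-insensitive, "~" case-sensitive; first match wins.
RULES = [
    ("~", r"^/wp-admin/admin-ajax\.php$", "php"),
    ("~*", r"^/wp-content/.*?\.(zip|gz|tar|bzip2|7z)$", "deny"),
    ("~", r"^/wp-content/uploads/sucuri", "deny"),
    ("~", r"^/wp-content/updraft", "deny"),
    ("~*", r"/wp-content/uploads/nginx-helper/", "deny"),
    ("~*", r"/(?:uploads|files)/.*\.(php|htm|html|shtml|js|css|swf)$", "deny"),
    ("~*", r"/(wp-content|wp-includes)/.*\.php$", "deny"),
    ("~*", r"\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme"
           r"|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_", "404"),
    ("~*", r"\.(pl|cgi|py|sh|lua)$", "444"),
    ("~*", r"(w00tw00t)", "444"),
    ("~*", r"/(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt"
           r"|readme\.html|license\.txt)", "deny"),
]
# The archive rule with its anchor escaped: "\$" is a literal dollar sign.
ESCAPED = [("~*", r"^/wp-content/.*?\.(zip|gz|tar|bzip2|7z)\$", "deny")]

def decide(uri, rules=RULES):
    """Return the action of the first regex location matching uri, else 'pass'."""
    for modifier, pattern, action in rules:
        flags = re.IGNORECASE if modifier == "~*" else 0
        if re.search(pattern, uri, flags):
            return action
    return "pass"

# Constructed request paths and the outcome the rule set should give.
SAMPLES = {
    "/wp-admin/admin-ajax.php": "php",
    "/wp-content/backup.ZIP": "deny",
    "/wp-content/uploads/2019/07/shell.php": "deny",
    "/wp-content/uploads/2019/07/photo.jpg": "pass",
    "/wp-content/plugins/foo/foo.php": "deny",
    "/wp-config.php": "deny",
    "/db/dump.sql": "404",
    "/cgi-bin/test.py": "444",
    "/.git/config": "deny",
    "/.well-known/acme-challenge/token": "deny",  # dot rule also covers this
}

if __name__ == "__main__":
    for uri, expected in SAMPLES.items():
        print(f"{decide(uri):5} (expected {expected:5}) {uri}")
    print("escaped anchor:", decide("/wp-content/backup.zip", ESCAPED))
```

The last sample shows that the dot-path rule also denies `/.well-known/`, which matters if HTTP-based certificate validation is served from the same server block.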