Last active
November 10, 2024 22:37
-
-
Save ilokano/b1480b15972bb2ff5a96 to your computer and use it in GitHub Desktop.
nginx settings for WordPress.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://codex.wordpress.org/Nginx | |
# Global restrictions configuration file. | |
# Deleted config for .htaccess, robots.txt, favicon restriction | |
# because they are already included in the default | |
# domain.conf created by ispconfig | |
# Block PHP files in uploads, content, and includes directory. | |
location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ { | |
deny all; | |
} | |
# Copied from iThemes security | |
# Rules to block access to WordPress specific files and wp-includes | |
location ~ /\.ht { deny all; } | |
location ~ wp-config.php { deny all; } | |
location ~ readme.html { deny all; } | |
location ~ readme.txt { deny all; } | |
location ~ /install.php { deny all; } | |
location ^/wp-admin/includes(.*)$ { deny all; } | |
# Rules to help reduce spam | |
location ~* (wp-comments-posts|wp-login)\.php$ { | |
valid_referers jetpack.wordpress.com/jetpack-comment/ ; | |
set $rule_0 0; | |
if ($request_method ~ "POST"){ set $rule_0 1$rule_0; } | |
if ($invalid_referer) { set $rule_0 2$rule_0; } | |
if ($http_user_agent ~ "^$"){ set $rule_0 3$rule_0; } | |
if ($rule_0 = "3210") { return 403; } | |
} | |
# WordPress single blog rules. | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
# Add trailing slash to */wp-admin requests. | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
# Directives to send expires headers and turn off 404 error logging. | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; | |
log_not_found off; | |
expires max; | |
} | |
# Pass all .php files onto a php-fpm/php-fcgi server. | |
# Removed this config because they are already included | |
# in the default domain.conf created by ispconfig | |
# Rewrite for YOAST SEO sitemap | |
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last; | |
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment