nginx settings for WordPress.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://codex.wordpress.org/Nginx | |
# Global restrictions configuration file. | |
# Deleted config for .htaccess, robots.txt, favicon restriction | |
# because they are already included in the default | |
# domain.conf created by ispconfig | |
# Block PHP files in uploads, content, and includes directory. | |
location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ { | |
deny all; | |
} | |
# Copied from iThemes security | |
# Rules to block access to WordPress specific files and wp-includes | |
location ~ /\.ht { deny all; } | |
location ~ wp-config.php { deny all; } | |
location ~ readme.html { deny all; } | |
location ~ readme.txt { deny all; } | |
location ~ /install.php { deny all; } | |
location ^/wp-admin/includes(.*)$ { deny all; } | |
# Rules to help reduce spam | |
location ~* (wp-comments-posts|wp-login)\.php$ { | |
valid_referers jetpack.wordpress.com/jetpack-comment/ ; | |
set $rule_0 0; | |
if ($request_method ~ "POST"){ set $rule_0 1$rule_0; } | |
if ($invalid_referer) { set $rule_0 2$rule_0; } | |
if ($http_user_agent ~ "^$"){ set $rule_0 3$rule_0; } | |
if ($rule_0 = "3210") { return 403; } | |
} | |
# WordPress single blog rules. | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
# Add trailing slash to */wp-admin requests. | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
# Directives to send expires headers and turn off 404 error logging. | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; | |
log_not_found off; | |
expires max; | |
} | |
# Pass all .php files onto a php-fpm/php-fcgi server. | |
# Removed this config because they are already included | |
# in the default domain.conf created by ispconfig | |
# Rewrite for YOAST SEO sitemap | |
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last; | |
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment