ilokano/wordpress.conf

## wordpress.conf
# https://codex.wordpress.org/Nginx
# Global restrictions configuration file.
# Deleted config for .htaccess, robots.txt, favicon restriction
# because they are already included in the default
# domain.conf created by ispconfig

# Block PHP files in uploads, content, and includes directory.
location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {
  deny all;
}

# Copied from iThemes security
# Rules to block access to WordPress specific files and wp-includes
location ~ /\.ht { deny all; }
location ~ wp-config.php { deny all; }
location ~ readme.html { deny all; }
location ~ readme.txt { deny all; }
location ~ /install.php { deny all; }
location ^/wp-admin/includes(.*)$ { deny all; }

# Rules to help reduce spam
location ~* (wp-comments-posts|wp-login)\.php$ {
	valid_referers jetpack.wordpress.com/jetpack-comment/ ;
	set $rule_0 0;
	if ($request_method ~ "POST"){ set $rule_0 1$rule_0; }
	if ($invalid_referer) { set $rule_0 2$rule_0; }
	if ($http_user_agent ~ "^$"){ set $rule_0 3$rule_0; }
	if ($rule_0 = "3210") { return 403; }
}

# WordPress single blog rules.
location / {
	try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
       access_log off;
       log_not_found off;
       expires max;
}

# Pass all .php files onto a php-fpm/php-fcgi server.
# Removed this config because they are already included
# in the default domain.conf created by ispconfig

# Rewrite for YOAST SEO sitemap
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
	# https://codex.wordpress.org/Nginx
	# Global restrictions configuration file.
	# Deleted config for .htaccess, robots.txt, favicon restriction
	# because they are already included in the default
	# domain.conf created by ispconfig

	# Block PHP files in uploads, content, and includes directory.
	location ~* /(?:uploads\|files\|wp-content\|wp-includes)/.*\.php$ {
	deny all;
	}

	# Copied from iThemes security
	# Rules to block access to WordPress specific files and wp-includes
	location ~ /\.ht { deny all; }
	location ~ wp-config.php { deny all; }
	location ~ readme.html { deny all; }
	location ~ readme.txt { deny all; }
	location ~ /install.php { deny all; }
	location ^/wp-admin/includes(.*)$ { deny all; }

	# Rules to help reduce spam
	location ~* (wp-comments-posts\|wp-login)\.php$ {
	valid_referers jetpack.wordpress.com/jetpack-comment/ ;
	set $rule_0 0;
	if ($request_method ~ "POST"){ set $rule_0 1$rule_0; }
	if ($invalid_referer) { set $rule_0 2$rule_0; }
	if ($http_user_agent ~ "^$"){ set $rule_0 3$rule_0; }
	if ($rule_0 = "3210") { return 403; }
	}

	# WordPress single blog rules.
	location / {
	try_files $uri $uri/ /index.php?$args;
	}

	# Add trailing slash to */wp-admin requests.
	rewrite /wp-admin$ $scheme://$host$uri/ permanent;

	# Directives to send expires headers and turn off 404 error logging.
	location ~* ^.+\.(ogg\|ogv\|svg\|svgz\|eot\|otf\|woff\|woff2\|mp4\|ttf\|rss\|atom\|jpg\|jpeg\|gif\|png\|ico\|zip\|tgz\|gz\|rar\|bz2\|doc\|xls\|exe\|ppt\|tar\|mid\|midi\|wav\|bmp\|rtf)$ {
	access_log off;
	log_not_found off;
	expires max;
	}

	# Pass all .php files onto a php-fpm/php-fcgi server.
	# Removed this config because they are already included
	# in the default domain.conf created by ispconfig

	# Rewrite for YOAST SEO sitemap
	rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
	rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;