Skip to content

Instantly share code, notes, and snippets.

@wokamoto
Last active May 10, 2016 04:17
Show Gist options
  • Save wokamoto/8d0409af6aaf8e47cdc7487df02ebc10 to your computer and use it in GitHub Desktop.
Save wokamoto/8d0409af6aaf8e47cdc7487df02ebc10 to your computer and use it in GitHub Desktop.
[nginx] WordPress システムファイルプロテクション
# Protect System Files
location ~ /\.(?!well-known) { deny all; access_log off; log_not_found off; }
location ~* /wp-includes/.*\.php$ { access_log off; log_not_found off; return 404; }
location ~* /wp-admin/includes/.*$ { access_log off; log_not_found off; return 404; }
location ~* /wp-content/uploads/.*\.php$ { access_log off; log_not_found off; return 404; }
location ~* /wp-(config|blog-header)\.php$ { access_log off; log_not_found off; return 404; }
location ~* /(readme|readme-[^\.]+)\.(txt|html?)$ { access_log off; log_not_found off; return 404; }
location ~* .*\.(cache|sql|log|bak)$ { access_log off; log_not_found off; return 404; }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment