| # prevent .zip, .gz, .tar, .bzip2 files from being accessed by default | | # prevent .zip, .gz, .tar, .bzip2 files from being accessed by default |
| # impossible for centmin mod to know which wp backup plugins they installed | | # impossible for centmin mod to know which wp backup plugins they installed |
| # which may save backups to directories in wp-content/ | | # which may save backups to directories in wp-content/ |
| # such plugins may deploy .htaccess protection but that isn't supported in | | # such plugins may deploy .htaccess protection but that isn't supported in |
| # nginx, so blocking access to these extensions is a workaround to cover all bases | | # nginx, so blocking access to these extensions is a workaround to cover all bases |
| | | |
| # prepare for letsencrypt | | # prepare for letsencrypt |
| # https://community.centminmod.com/posts/17774/ | | # https://community.centminmod.com/posts/17774/ |
| location ~ /.well-known { | | location ~ /.well-known { |
| location ~ /.well-known/acme-challenge/(.*) { | | location ~ /.well-known/acme-challenge/(.*) { |
| more_set_headers "Content-Type: text/plain"; | | more_set_headers "Content-Type: text/plain"; |
| } | | } |
| } | | } |
| | | |
| # allow AJAX requests in themes and plugins | | # allow AJAX requests in themes and plugins |
| location ~ ^/wp-admin/admin-ajax.php$ { allow all; include /usr/local/nginx/conf/php.conf; } | | location ~ ^/wp-admin/admin-ajax.php$ { allow all; include /usr/local/nginx/conf/php.conf; } |
| | | |
| location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; } | | location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; } |
| | | |
| location ~ ^/wp-content/uploads/sucuri { deny all; } | | location ~ ^/wp-content/uploads/sucuri { deny all; } |
| | | |
| location ~ ^/wp-content/updraft { deny all; } | | location ~ ^/wp-content/updraft { deny all; } |
| | | |
| # Block nginx-help log from public viewing | | # Block nginx-help log from public viewing |
| location ~* /wp-content/uploads/nginx-helper/ { deny all; } | | location ~* /wp-content/uploads/nginx-helper/ { deny all; } |
| | | |
| # webp extension support if you are converting /uploads images to webp | | # WebP extension support if you are converting /uploads images to webp |
| location ~ ^/wp-content/uploads/ { | | location ~ ^/wp-content/uploads/ { |
| #pagespeed off; | | #pagespeed off; |
| #pagespeed unplugged; | | #pagespeed unplugged; |
| #autoindex on; | | #autoindex on; |
| #add_header X-Robots-Tag "noindex, nofollow"; | | #add_header X-Robots-Tag "noindex, nofollow"; |
| location ~* ^/wp-content/uploads/(.+/)?(.+)\.(png|jpe?g)$ { | | location ~* ^/wp-content/uploads/(.+/)?(.+)\.(png|jpe?g)$ { |
| expires 30d; | | expires 30d; |
| add_header Vary "Accept-Encoding"; | | add_header Vary "Accept-Encoding"; |
| add_header Cache-Control "public, no-transform"; | | add_header Cache-Control "public, no-transform"; |
| try_files $uri$webp_extension $uri =404; | | try_files $uri$webp_extension $uri =404; |
| } | | } |
| } | | } |
| | | |
| | | |
| | | |
| location ~ ^/(wp-includes/js/tinymce/wp-tinymce.php) { | | location ~ ^/(wp-includes/js/tinymce/wp-tinymce.php) { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/onesignal-free-web-push-notifications// | | # Whitelist Exception for https://wordpress.org/plugins/onesignal-free-web-push-notifications// |
| location ~ ^/wp-content/plugins/onesignal-free-web-push-notifications/ { | | location ~ ^/wp-content/plugins/onesignal-free-web-push-notifications/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/sparkpost/ | | # Whitelist Exception for https://wordpress.org/plugins/sparkpost/ |
| location ~ ^/wp-content/plugins/sparkpost/ { | | location ~ ^/wp-content/plugins/sparkpost/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/sendgrid-email-delivery-simplified/ | | # Whitelist Exception for https://wordpress.org/plugins/sendgrid-email-delivery-simplified/ |
| location ~ ^/wp-content/plugins/sendgrid-email-delivery-simplified/ { | | location ~ ^/wp-content/plugins/sendgrid-email-delivery-simplified/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/mailgun/ | | # Whitelist Exception for https://wordpress.org/plugins/mailgun/ |
| location ~ ^/wp-content/plugins/mailgun/ { | | location ~ ^/wp-content/plugins/mailgun/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/mailjet-for-wordpress/ | | # Whitelist Exception for https://wordpress.org/plugins/mailjet-for-wordpress/ |
| location ~ ^/wp-content/plugins/mailjet-for-wordpress/ { | | location ~ ^/wp-content/plugins/mailjet-for-wordpress/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/easy-wp-smtp/ | | # Whitelist Exception for https://wordpress.org/plugins/easy-wp-smtp/ |
| location ~ ^/wp-content/plugins/easy-wp-smtp/ { | | location ~ ^/wp-content/plugins/easy-wp-smtp/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/postman-smtp/ | | # Whitelist Exception for https://wordpress.org/plugins/postman-smtp/ |
| location ~ ^/wp-content/plugins/postman-smtp/ { | | location ~ ^/wp-content/plugins/postman-smtp/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/sendpress/ | | # Whitelist Exception for https://wordpress.org/plugins/sendpress/ |
| location ~ ^/wp-content/plugins/sendpress/ { | | location ~ ^/wp-content/plugins/sendpress/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wp-mail-bank/ | | # Whitelist Exception for https://wordpress.org/plugins/wp-mail-bank/ |
| location ~ ^/wp-content/plugins/wp-mail-bank/ { | | location ~ ^/wp-content/plugins/wp-mail-bank/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/theme-check/ | | # Whitelist Exception for https://wordpress.org/plugins/theme-check/ |
| location ~ ^/wp-content/plugins/theme-check/ { | | location ~ ^/wp-content/plugins/theme-check/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/woocommerce/ | | # Whitelist Exception for https://wordpress.org/plugins/woocommerce/ |
| location ~ ^/wp-content/plugins/woocommerce/ { | | location ~ ^/wp-content/plugins/woocommerce/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/woocommerce-csvimport/ | | # Whitelist Exception for https://wordpress.org/plugins/woocommerce-csvimport/ |
| location ~ ^/wp-content/plugins/woocommerce-csvimport/ { | | location ~ ^/wp-content/plugins/woocommerce-csvimport/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/advanced-custom-fields/ | | # Whitelist Exception for https://wordpress.org/plugins/advanced-custom-fields/ |
| location ~ ^/wp-content/plugins/advanced-custom-fields/ { | | location ~ ^/wp-content/plugins/advanced-custom-fields/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/contact-form-7/ | | # Whitelist Exception for https://wordpress.org/plugins/contact-form-7/ |
| location ~ ^/wp-content/plugins/contact-form-7/ { | | location ~ ^/wp-content/plugins/contact-form-7/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/duplicator/ | | # Whitelist Exception for https://wordpress.org/plugins/duplicator/ |
| location ~ ^/wp-content/plugins/duplicator/ { | | location ~ ^/wp-content/plugins/duplicator/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/jetpack/ | | # Whitelist Exception for https://wordpress.org/plugins/jetpack/ |
| location ~ ^/wp-content/plugins/jetpack/ { | | location ~ ^/wp-content/plugins/jetpack/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/nextgen-gallery/ | | # Whitelist Exception for https://wordpress.org/plugins/nextgen-gallery/ |
| location ~ ^/wp-content/plugins/nextgen-gallery/ { | | location ~ ^/wp-content/plugins/nextgen-gallery/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/tinymce-advanced/ | | # Whitelist Exception for https://wordpress.org/plugins/tinymce-advanced/ |
| location ~ ^/wp-content/plugins/tinymce-advanced/ { | | location ~ ^/wp-content/plugins/tinymce-advanced/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/updraftplus/ | | # Whitelist Exception for https://wordpress.org/plugins/updraftplus/ |
| location ~ ^/wp-content/plugins/updraftplus/ { | | location ~ ^/wp-content/plugins/updraftplus/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wordpress-importer/ | | # Whitelist Exception for https://wordpress.org/plugins/wordpress-importer/ |
| location ~ ^/wp-content/plugins/wordpress-importer/ { | | location ~ ^/wp-content/plugins/wordpress-importer/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wordpress-seo/ | | # Whitelist Exception for https://wordpress.org/plugins/wordpress-seo/ |
| location ~ ^/wp-content/plugins/wordpress-seo/ { | | location ~ ^/wp-content/plugins/wordpress-seo/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wpclef/ | | # Whitelist Exception for https://wordpress.org/plugins/wpclef/ |
| location ~ ^/wp-content/plugins/wpclef/ { | | location ~ ^/wp-content/plugins/wpclef/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/mailchimp-for-wp/ | | # Whitelist Exception for https://wordpress.org/plugins/mailchimp-for-wp/ |
| location ~ ^/wp-content/plugins/mailchimp-for-wp/ { | | location ~ ^/wp-content/plugins/mailchimp-for-wp/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wp-optimize/ | | # Whitelist Exception for https://wordpress.org/plugins/wp-optimize/ |
| location ~ ^/wp-content/plugins/wp-optimize/ { | | location ~ ^/wp-content/plugins/wp-optimize/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/si-contact-form/ | | # Whitelist Exception for https://wordpress.org/plugins/si-contact-form/ |
| location ~ ^/wp-content/plugins/si-contact-form/ { | | location ~ ^/wp-content/plugins/si-contact-form/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/akismet/ | | # Whitelist Exception for https://wordpress.org/plugins/akismet/ |
| location ~ ^/wp-content/plugins/akismet/ { | | location ~ ^/wp-content/plugins/akismet/ { |
| location ~ ^/wp-content/plugins/akismet/(.+/)?(form|akismet)\.(css|js)$ { allow all; } | | location ~ ^/wp-content/plugins/akismet/(.+/)?(form|akismet)\.(css|js)$ { allow all; expires 30d;} |
| location ~ ^/wp-content/plugins/akismet/(.+/)?(.+)\.(png|gif)$ { allow all; } | | location ~ ^/wp-content/plugins/akismet/(.+/)?(.+)\.(png|gif)$ { allow all; expires 30d;} |
| location ~* /wp-content/plugins/akismet/akismet/.*\.php$ { | | location ~* /wp-content/plugins/akismet/akismet/.*\.php$ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| allow 127.0.0.1; | | allow 127.0.0.1; |
| deny all; | | deny all; |
| } | | } |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/bbpress/ | | # Whitelist Exception for https://wordpress.org/plugins/bbpress/ |
| location ~ ^/wp-content/plugins/bbpress/ { | | location ~ ^/wp-content/plugins/bbpress/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/buddypress/ | | # Whitelist Exception for https://wordpress.org/plugins/buddypress/ |
| location ~ ^/wp-content/plugins/buddypress/ { | | location ~ ^/wp-content/plugins/buddypress/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/all-in-one-seo-pack/ | | # Whitelist Exception for https://wordpress.org/plugins/all-in-one-seo-pack/ |
| location ~ ^/wp-content/plugins/all-in-one-seo-pack/ { | | location ~ ^/wp-content/plugins/all-in-one-seo-pack/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/google-analytics-for-wordpress/ | | # Whitelist Exception for https://wordpress.org/plugins/google-analytics-for-wordpress/ |
| location ~ ^/wp-content/plugins/google-analytics-for-wordpress/ { | | location ~ ^/wp-content/plugins/google-analytics-for-wordpress/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/regenerate-thumbnails/ | | # Whitelist Exception for https://wordpress.org/plugins/regenerate-thumbnails/ |
| location ~ ^/wp-content/plugins/regenerate-thumbnails/ { | | location ~ ^/wp-content/plugins/regenerate-thumbnails/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/ | | # Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/ |
| location ~ ^/wp-content/plugins/wp-pagenavi/ { | | location ~ ^/wp-content/plugins/wp-pagenavi/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wordfence/ | | # Whitelist Exception for https://wordpress.org/plugins/wordfence/ |
| location ~ ^/wp-content/plugins/wordfence/ { | | location ~ ^/wp-content/plugins/wordfence/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/really-simple-captcha/ | | # Whitelist Exception for https://wordpress.org/plugins/really-simple-captcha/ |
| location ~ ^/wp-content/plugins/really-simple-captcha/ { | | location ~ ^/wp-content/plugins/really-simple-captcha/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/ | | # Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/ |
| location ~ ^/wp-content/plugins/wp-pagenavi/ { | | location ~ ^/wp-content/plugins/wp-pagenavi/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/ml-slider/ | | # Whitelist Exception for https://wordpress.org/plugins/ml-slider/ |
| location ~ ^/wp-content/plugins/ml-slider/ { | | location ~ ^/wp-content/plugins/ml-slider/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/black-studio-tinymce-widget/ | | # Whitelist Exception for https://wordpress.org/plugins/black-studio-tinymce-widget/ |
| location ~ ^/wp-content/plugins/black-studio-tinymce-widget/ { | | location ~ ^/wp-content/plugins/black-studio-tinymce-widget/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/disable-comments/ | | # Whitelist Exception for https://wordpress.org/plugins/disable-comments/ |
| location ~ ^/wp-content/plugins/disable-comments/ { | | location ~ ^/wp-content/plugins/disable-comments/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for https://wordpress.org/plugins/better-wp-security/ | | # Whitelist Exception for https://wordpress.org/plugins/better-wp-security/ |
| location ~ ^/wp-content/plugins/better-wp-security/ { | | location ~ ^/wp-content/plugins/better-wp-security/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for http://wlmsocial.com/ | | # Whitelist Exception for http://wlmsocial.com/ |
| location ~ ^/wp-content/plugins/wlm-social/ { | | location ~ ^/wp-content/plugins/wlm-social/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for mediagrid timthumb | | # Whitelist Exception for mediagrid timthumb |
| location ~ ^/wp-content/plugins/media-grid/classes/ { | | location ~ ^/wp-content/plugins/media-grid/classes/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| # Whitelist Exception for webp-express | | # Whitelist Exception for webp-express |
| location ~ ^/wp-content/plugins/webp-express/ { | | location ~ ^/wp-content/plugins/webp-express/ { |
| include /usr/local/nginx/conf/php.conf; | | include /usr/local/nginx/conf/php.conf; |
| include /usr/local/nginx/conf/staticfiles.conf; | | include /usr/local/nginx/conf/staticfiles.conf; |
| # below include file needs to be manually created at that path and to be uncommented | | # below include file needs to be manually created at that path and to be uncommented |
| # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf | | # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf |
| # allows you to add commonly shared settings to all wp plugin location matches which | | # allows you to add commonly shared settings to all wp plugin location matches which |
| # whitelist php processing access at /usr/local/nginx/conf/wpincludes/nederland.gratis/coupons/wpsecure_$vhost.conf | | # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf |
| #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; | | #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; |
| } | | } |
| | | |
| | | |
| # Whitelist Exception for WPML | | |
| location ~ ^/wp-content/plugins/sitepress-multilingual-cms/(.+/)?(.+)\.(css|js)$ { allow all; expires 30d;} | | |
| location ~ ^/wp-content/plugins/sitepress-multilingual-cms/(.+/)?(.+)\.(png|gif)$ { allow all; expires 30d;} | | |
| location ~* /wp-content/plugins/sitepress-multilingual-cms/.*\.php$ { | | |
| include /usr/local/nginx/conf/php.conf; | | |
| allow 127.0.0.1; | | |
| deny all; | | |
| } | | |
| | | |
| | | |
| # Block PHP files in content directory. | | # Block PHP files in content directory. |
| location ~* /wp-content/.*\.php$ { | | location ~* /wp-content/.*\.php$ { |
| deny all; | | deny all; |
| } | | } |
| | | |
| # Block PHP files in includes directory. | | # Block PHP files in includes directory. |
| location ~* /wp-includes/.*\.php$ { | | location ~* /wp-includes/.*\.php$ { |
| deny all; | | deny all; |
| } | | } |
| | | |
| # Block PHP files in uploads, content, and includes directory. | | # Block PHP files in uploads, content, and includes directory. |
| location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ { | | location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ { |
| deny all; | | deny all; |
| } | | } |
| | | |
| # Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS! | | # Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS! |
| location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ | | location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ |
| { | | { |
| return 444; | | return 444; |
| } | | } |
| | | |
| location ~* \.(tpl)$ | | location ~* \.(tpl)$ |
| { | | { |
| deny all; | | deny all; |
| } | | } |
| | | |
| #nocgi | | #nocgi |
| location ~* \.(pl|cgi|py|sh|lua)$ { | | location ~* \.(pl|cgi|py|sh|lua)$ { |
| return 444; | | return 444; |
| } | | } |
| | | |
| #disallow | | #disallow |
| location ~* (w00tw00t) { | | location ~* (w00tw00t) { |
| return 444; | | return 444; |
| } | | } |
| | | |
| location ~* /(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt|readme\.html|license\.txt) { deny all; } | | location ~* /(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt|readme\.html|license\.txt) { deny all; } |
| location ~* /(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z|txt)$ { deny all; } | | location ~* /(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z|txt)$ { deny all; } |