-18 Removals
+5 Additions
# prevent .zip, .gz, .tar, .bzip2 files from being accessed by default# prevent .zip, .gz, .tar, .bzip2 files from being accessed by default
# impossible for centmin mod to know which wp backup plugins they installed# impossible for centmin mod to know which wp backup plugins they installed
# which may save backups to directories in wp-content/# which may save backups to directories in wp-content/
# such plugins may deploy .htaccess protection but that isn't supported in# such plugins may deploy .htaccess protection but that isn't supported in
# nginx, so blocking access to these extensions is a workaround to cover all bases# nginx, so blocking access to these extensions is a workaround to cover all bases
# prepare for letsencrypt # prepare for letsencrypt
# https://community.centminmod.com/posts/17774/# https://community.centminmod.com/posts/17774/
location ~ /.well-known {location ~ /.well-known {
location ~ /.well-known/acme-challenge/(.*) { location ~ /.well-known/acme-challenge/(.*) {
more_set_headers "Content-Type: text/plain"; more_set_headers "Content-Type: text/plain";
} }
}}
# allow AJAX requests in themes and plugins# allow AJAX requests in themes and plugins
location ~ ^/wp-admin/admin-ajax.php$ { allow all; include /usr/local/nginx/conf/php.conf; }location ~ ^/wp-admin/admin-ajax.php$ { allow all; include /usr/local/nginx/conf/php.conf; }
location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; }location ~* ^/(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z)$ { deny all; }
location ~ ^/wp-content/uploads/sucuri { deny all; }location ~ ^/wp-content/uploads/sucuri { deny all; }
location ~ ^/wp-content/updraft { deny all; }location ~ ^/wp-content/updraft { deny all; }
# Block nginx-help log from public viewing# Block nginx-help log from public viewing
location ~* /wp-content/uploads/nginx-helper/ { deny all; }location ~* /wp-content/uploads/nginx-helper/ { deny all; }
# webp extension support if you are converting /uploads images to webp# WebP extension support if you are converting /uploads images to webp
location ~ ^/wp-content/uploads/ {location ~ ^/wp-content/uploads/ {
#pagespeed off; #pagespeed off;
#pagespeed unplugged; #pagespeed unplugged;
#autoindex on; #autoindex on;
#add_header X-Robots-Tag "noindex, nofollow"; #add_header X-Robots-Tag "noindex, nofollow";
location ~* ^/wp-content/uploads/(.+/)?(.+)\.(png|jpe?g)$ { location ~* ^/wp-content/uploads/(.+/)?(.+)\.(png|jpe?g)$ {
expires 30d; expires 30d;
add_header Vary "Accept-Encoding"; add_header Vary "Accept-Encoding";
add_header Cache-Control "public, no-transform"; add_header Cache-Control "public, no-transform";
try_files $uri$webp_extension $uri =404; try_files $uri$webp_extension $uri =404;
} }
}}
location ~ ^/(wp-includes/js/tinymce/wp-tinymce.php) {location ~ ^/(wp-includes/js/tinymce/wp-tinymce.php) {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/onesignal-free-web-push-notifications//# Whitelist Exception for https://wordpress.org/plugins/onesignal-free-web-push-notifications//
location ~ ^/wp-content/plugins/onesignal-free-web-push-notifications/ {location ~ ^/wp-content/plugins/onesignal-free-web-push-notifications/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/sparkpost/# Whitelist Exception for https://wordpress.org/plugins/sparkpost/
location ~ ^/wp-content/plugins/sparkpost/ {location ~ ^/wp-content/plugins/sparkpost/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/sendgrid-email-delivery-simplified/# Whitelist Exception for https://wordpress.org/plugins/sendgrid-email-delivery-simplified/
location ~ ^/wp-content/plugins/sendgrid-email-delivery-simplified/ {location ~ ^/wp-content/plugins/sendgrid-email-delivery-simplified/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/mailgun/# Whitelist Exception for https://wordpress.org/plugins/mailgun/
location ~ ^/wp-content/plugins/mailgun/ {location ~ ^/wp-content/plugins/mailgun/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/mailjet-for-wordpress/# Whitelist Exception for https://wordpress.org/plugins/mailjet-for-wordpress/
location ~ ^/wp-content/plugins/mailjet-for-wordpress/ {location ~ ^/wp-content/plugins/mailjet-for-wordpress/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/easy-wp-smtp/# Whitelist Exception for https://wordpress.org/plugins/easy-wp-smtp/
location ~ ^/wp-content/plugins/easy-wp-smtp/ {location ~ ^/wp-content/plugins/easy-wp-smtp/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/postman-smtp/# Whitelist Exception for https://wordpress.org/plugins/postman-smtp/
location ~ ^/wp-content/plugins/postman-smtp/ {location ~ ^/wp-content/plugins/postman-smtp/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/sendpress/# Whitelist Exception for https://wordpress.org/plugins/sendpress/
location ~ ^/wp-content/plugins/sendpress/ {location ~ ^/wp-content/plugins/sendpress/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wp-mail-bank/# Whitelist Exception for https://wordpress.org/plugins/wp-mail-bank/
location ~ ^/wp-content/plugins/wp-mail-bank/ {location ~ ^/wp-content/plugins/wp-mail-bank/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/theme-check/# Whitelist Exception for https://wordpress.org/plugins/theme-check/
location ~ ^/wp-content/plugins/theme-check/ {location ~ ^/wp-content/plugins/theme-check/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/woocommerce/# Whitelist Exception for https://wordpress.org/plugins/woocommerce/
location ~ ^/wp-content/plugins/woocommerce/ {location ~ ^/wp-content/plugins/woocommerce/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/woocommerce-csvimport/# Whitelist Exception for https://wordpress.org/plugins/woocommerce-csvimport/
location ~ ^/wp-content/plugins/woocommerce-csvimport/ {location ~ ^/wp-content/plugins/woocommerce-csvimport/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/advanced-custom-fields/# Whitelist Exception for https://wordpress.org/plugins/advanced-custom-fields/
location ~ ^/wp-content/plugins/advanced-custom-fields/ {location ~ ^/wp-content/plugins/advanced-custom-fields/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/contact-form-7/# Whitelist Exception for https://wordpress.org/plugins/contact-form-7/
location ~ ^/wp-content/plugins/contact-form-7/ {location ~ ^/wp-content/plugins/contact-form-7/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/duplicator/# Whitelist Exception for https://wordpress.org/plugins/duplicator/
location ~ ^/wp-content/plugins/duplicator/ {location ~ ^/wp-content/plugins/duplicator/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/jetpack/# Whitelist Exception for https://wordpress.org/plugins/jetpack/
location ~ ^/wp-content/plugins/jetpack/ {location ~ ^/wp-content/plugins/jetpack/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/nextgen-gallery/# Whitelist Exception for https://wordpress.org/plugins/nextgen-gallery/
location ~ ^/wp-content/plugins/nextgen-gallery/ {location ~ ^/wp-content/plugins/nextgen-gallery/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/tinymce-advanced/# Whitelist Exception for https://wordpress.org/plugins/tinymce-advanced/
location ~ ^/wp-content/plugins/tinymce-advanced/ {location ~ ^/wp-content/plugins/tinymce-advanced/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/updraftplus/# Whitelist Exception for https://wordpress.org/plugins/updraftplus/
location ~ ^/wp-content/plugins/updraftplus/ {location ~ ^/wp-content/plugins/updraftplus/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wordpress-importer/# Whitelist Exception for https://wordpress.org/plugins/wordpress-importer/
location ~ ^/wp-content/plugins/wordpress-importer/ {location ~ ^/wp-content/plugins/wordpress-importer/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wordpress-seo/# Whitelist Exception for https://wordpress.org/plugins/wordpress-seo/
location ~ ^/wp-content/plugins/wordpress-seo/ {location ~ ^/wp-content/plugins/wordpress-seo/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wpclef/# Whitelist Exception for https://wordpress.org/plugins/wpclef/
location ~ ^/wp-content/plugins/wpclef/ {location ~ ^/wp-content/plugins/wpclef/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/mailchimp-for-wp/# Whitelist Exception for https://wordpress.org/plugins/mailchimp-for-wp/
location ~ ^/wp-content/plugins/mailchimp-for-wp/ {location ~ ^/wp-content/plugins/mailchimp-for-wp/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wp-optimize/# Whitelist Exception for https://wordpress.org/plugins/wp-optimize/
location ~ ^/wp-content/plugins/wp-optimize/ {location ~ ^/wp-content/plugins/wp-optimize/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/si-contact-form/# Whitelist Exception for https://wordpress.org/plugins/si-contact-form/
location ~ ^/wp-content/plugins/si-contact-form/ {location ~ ^/wp-content/plugins/si-contact-form/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/akismet/# Whitelist Exception for https://wordpress.org/plugins/akismet/
location ~ ^/wp-content/plugins/akismet/ {location ~ ^/wp-content/plugins/akismet/ {
location ~ ^/wp-content/plugins/akismet/(.+/)?(form|akismet)\.(css|js)$ { allow all; } location ~ ^/wp-content/plugins/akismet/(.+/)?(form|akismet)\.(css|js)$ { allow all; expires 30d;}
location ~ ^/wp-content/plugins/akismet/(.+/)?(.+)\.(png|gif)$ { allow all; } location ~ ^/wp-content/plugins/akismet/(.+/)?(.+)\.(png|gif)$ { allow all; expires 30d;}
location ~* /wp-content/plugins/akismet/akismet/.*\.php$ { location ~* /wp-content/plugins/akismet/akismet/.*\.php$ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
allow 127.0.0.1; allow 127.0.0.1;
deny all; deny all;
} }
}}
# Whitelist Exception for https://wordpress.org/plugins/bbpress/# Whitelist Exception for https://wordpress.org/plugins/bbpress/
location ~ ^/wp-content/plugins/bbpress/ {location ~ ^/wp-content/plugins/bbpress/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/buddypress/# Whitelist Exception for https://wordpress.org/plugins/buddypress/
location ~ ^/wp-content/plugins/buddypress/ {location ~ ^/wp-content/plugins/buddypress/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/all-in-one-seo-pack/# Whitelist Exception for https://wordpress.org/plugins/all-in-one-seo-pack/
location ~ ^/wp-content/plugins/all-in-one-seo-pack/ {location ~ ^/wp-content/plugins/all-in-one-seo-pack/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/google-analytics-for-wordpress/# Whitelist Exception for https://wordpress.org/plugins/google-analytics-for-wordpress/
location ~ ^/wp-content/plugins/google-analytics-for-wordpress/ {location ~ ^/wp-content/plugins/google-analytics-for-wordpress/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/regenerate-thumbnails/# Whitelist Exception for https://wordpress.org/plugins/regenerate-thumbnails/
location ~ ^/wp-content/plugins/regenerate-thumbnails/ {location ~ ^/wp-content/plugins/regenerate-thumbnails/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/# Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/
location ~ ^/wp-content/plugins/wp-pagenavi/ {location ~ ^/wp-content/plugins/wp-pagenavi/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wordfence/# Whitelist Exception for https://wordpress.org/plugins/wordfence/
location ~ ^/wp-content/plugins/wordfence/ {location ~ ^/wp-content/plugins/wordfence/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/really-simple-captcha/# Whitelist Exception for https://wordpress.org/plugins/really-simple-captcha/
location ~ ^/wp-content/plugins/really-simple-captcha/ {location ~ ^/wp-content/plugins/really-simple-captcha/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/# Whitelist Exception for https://wordpress.org/plugins/wp-pagenavi/
location ~ ^/wp-content/plugins/wp-pagenavi/ {location ~ ^/wp-content/plugins/wp-pagenavi/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/ml-slider/# Whitelist Exception for https://wordpress.org/plugins/ml-slider/
location ~ ^/wp-content/plugins/ml-slider/ {location ~ ^/wp-content/plugins/ml-slider/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/black-studio-tinymce-widget/# Whitelist Exception for https://wordpress.org/plugins/black-studio-tinymce-widget/
location ~ ^/wp-content/plugins/black-studio-tinymce-widget/ {location ~ ^/wp-content/plugins/black-studio-tinymce-widget/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/disable-comments/# Whitelist Exception for https://wordpress.org/plugins/disable-comments/
location ~ ^/wp-content/plugins/disable-comments/ {location ~ ^/wp-content/plugins/disable-comments/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for https://wordpress.org/plugins/better-wp-security/# Whitelist Exception for https://wordpress.org/plugins/better-wp-security/
location ~ ^/wp-content/plugins/better-wp-security/ {location ~ ^/wp-content/plugins/better-wp-security/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for http://wlmsocial.com/# Whitelist Exception for http://wlmsocial.com/
location ~ ^/wp-content/plugins/wlm-social/ {location ~ ^/wp-content/plugins/wlm-social/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for mediagrid timthumb# Whitelist Exception for mediagrid timthumb
location ~ ^/wp-content/plugins/media-grid/classes/ {location ~ ^/wp-content/plugins/media-grid/classes/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for webp-express# Whitelist Exception for webp-express
location ~ ^/wp-content/plugins/webp-express/ {location ~ ^/wp-content/plugins/webp-express/ {
include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/php.conf;
include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/staticfiles.conf;
# below include file needs to be manually created at that path and to be uncommented # below include file needs to be manually created at that path and to be uncommented
# by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
# allows you to add commonly shared settings to all wp plugin location matches which # allows you to add commonly shared settings to all wp plugin location matches which
# whitelist php processing access at /usr/local/nginx/conf/wpincludes/nederland.gratis/coupons/wpsecure_$vhost.conf # whitelist php processing access at /usr/local/nginx/conf/wpincludes/$vhost/wpsecure_$vhost.conf
#include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf; #include /usr/local/nginx/conf/wpincludes/$vhost/wpwhitelist_common.conf;
}}
# Whitelist Exception for WPML
location ~ ^/wp-content/plugins/sitepress-multilingual-cms/(.+/)?(.+)\.(css|js)$ { allow all; expires 30d;}
location ~ ^/wp-content/plugins/sitepress-multilingual-cms/(.+/)?(.+)\.(png|gif)$ { allow all; expires 30d;}
location ~* /wp-content/plugins/sitepress-multilingual-cms/.*\.php$ {
include /usr/local/nginx/conf/php.conf;
allow 127.0.0.1;
deny all;
}
# Block PHP files in content directory.# Block PHP files in content directory.
location ~* /wp-content/.*\.php$ {location ~* /wp-content/.*\.php$ {
deny all; deny all;
}}
# Block PHP files in includes directory.# Block PHP files in includes directory.
location ~* /wp-includes/.*\.php$ {location ~* /wp-includes/.*\.php$ {
deny all; deny all;
}}
# Block PHP files in uploads, content, and includes directory.# Block PHP files in uploads, content, and includes directory.
location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {
deny all; deny all;
}}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_
{{
return 444;return 444;
}}
location ~* \.(tpl)$location ~* \.(tpl)$
{{
deny all; deny all;
}}
#nocgi#nocgi
location ~* \.(pl|cgi|py|sh|lua)$ {location ~* \.(pl|cgi|py|sh|lua)$ {
return 444;return 444;
}}
#disallow#disallow
location ~* (w00tw00t) {location ~* (w00tw00t) {
return 444;return 444;
}}
location ~* /(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt|readme\.html|license\.txt) { deny all; }location ~* /(\.|wp-config\.php|wp-config\.txt|changelog\.txt|readme\.txt|readme\.html|license\.txt) { deny all; }
location ~* /(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z|txt)$ { deny all; }location ~* /(wp-content)/(.*?)\.(zip|gz|tar|bzip2|7z|txt)$ { deny all; }
Editor
Original Text
Changed Text