Created
October 13, 2017 12:36
-
-
Save VirtuBox/574cc70c44f3c9a28ecdf1e96b7c10c1 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NGINX CONFIGURATION FOR COMMON LOCATION | |
| # DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee) | |
| # Basic locations files | |
| location = /favicon.ico { | |
| access_log off; | |
| log_not_found off; | |
| expires max; | |
| } | |
| location = /robots.txt { | |
| # Some WordPress plugin gererate robots.txt file | |
| # Refer #340 issue | |
| try_files $uri $uri/ /index.php?$args; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Cache static files | |
| location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ { | |
| add_header "Access-Control-Allow-Origin" "*"; | |
| access_log off; | |
| log_not_found off; | |
| expires max; | |
| } | |
| # Security settings for better privacy | |
| # Deny hidden files | |
| location ~ /\.well-known { | |
| allow all; | |
| } | |
| location ~ /\. { | |
| deny all; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Deny backup extensions & log files | |
| location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ { | |
| deny all; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) | |
| if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") { | |
| return 403; | |
| } | |
| # Status pages | |
| location /nginx_status { | |
| stub_status on; | |
| access_log off; | |
| include common/acl.conf; | |
| } | |
| location ~ ^/(status|ping) { | |
| include fastcgi_params; | |
| fastcgi_pass php; | |
| include common/acl.conf; | |
| } | |
| # EasyEngine (ee) utilities | |
| # phpMyAdmin settings | |
| location /pma { | |
| return 301 https://$host:22222/db/pma; | |
| } | |
| location /phpMyAdmin { | |
| return 301 https://$host:22222/db/pma; | |
| } | |
| location /phpmyadmin { | |
| return 301 https://$host:22222/db/pma; | |
| } | |
| # Adminer settings | |
| location /adminer { | |
| return 301 https://$host:22222/db/adminer; | |
| } | |
| # WordPress COMMON SETTINGS | |
| # DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee) | |
| # Limit access to avoid brute force attack | |
| location = /wp-login.php { | |
| limit_req zone=one burst=1 nodelay; | |
| include fastcgi_params; | |
| fastcgi_pass php; | |
| } | |
| # Disable wp-config.txt | |
| location = /wp-config.txt { | |
| deny all; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Disallow php in upload folder | |
| location /wp-content/uploads/ { | |
| location ~ \.php$ { | |
| #Prevent Direct Access Of PHP Files From Web Browsers | |
| deny all; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment