Created
December 14, 2018 19:37
Plesk Additional nginx Directives
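# Plesk Onyx - Additional nginx Directives
# Version 1.0.0
# Maintainer: Daniel M. Hendricks (https://www.danhendricks.com)
# Domains > example.com > Apache & nginx Settings > Additional nginx directives

# Disable directory indexing so a directory without an index file does not
# return a listing of its contents.
autoindex off;

# Enable HSTS (optional). A browser that receives this header over HTTPS will
# refuse plain-HTTP connections to this host for max-age seconds
# (31536000 = 365 days), so enable it only once everything served under this
# host name works over HTTPS. "always" attaches the header to error responses
# as well as successful ones.
# NOTE: nginx inherits add_header from this level only into blocks that declare
# no add_header of their own; a location that sets its own headers must repeat
# this line or it will silently stop sending HSTS.
add_header Strict-Transport-Security "max-age=31536000" always;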
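# Reject requests whose User-Agent contains "wget" or "wpscan"
# (case-insensitive match anywhere in the header).
# The header is chosen by the client, so this is noise reduction against
# default tool settings, not an access control; keep authentication, rate
# limiting and patching as the real defenses.
# Side effect: legitimate wget use against this site (cron fetches, health
# checks) also receives 403.
if ($http_user_agent ~* "wget|wpscan") {
    return 403;
}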
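# Block xmlrpc.php (optional but recommended if not used).
# Anything that talks to the site through XML-RPC stops working once this is
# enabled -- confirm nothing depends on it first.
location = /xmlrpc.php {
    deny all;

    # Detection trade-off: with access_log off, requests to this endpoint no
    # longer appear in the access log. The denial is still written to the
    # error log ("access forbidden by rule") when the error_log level allows
    # it. Remove this line if you alert on access-log data for this path.
    access_log off;

    # Only suppresses "file not found" entries in the error log.
    log_not_found off;
}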
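# Deny access to .htaccess and other hidden files: any path segment that
# starts with a dot (.htaccess, .git/, .env, ...).
# /.well-known/ is exempted by the negative lookahead because it holds files
# that must be publicly readable (for example ACME HTTP-01 certificate
# validation); a blanket dot rule would answer those requests with 403.
# Dot-files nested below /.well-known/ are still denied, since the pattern is
# unanchored and matches the later segment.
location ~ /\.(?!well-known/) {
    deny all;
}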
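# Deny direct requests for wp-config.php.
# This is an exact-match location: it covers only /wp-config.php in the
# document root. A WordPress install in a subdirectory, or a copy of the file
# saved under another name, is not matched by this rule.
location = /wp-config.php {
    deny all;
}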
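# Deny access to revealing or potentially dangerous files in the /wp-content/
# directory.
# The match is case-insensitive and keyed on the final extension only, so this
# is a denylist of the five listed suffixes; a file whose name ends in anything
# else (for example a compressed dump ending in .gz) is not covered. Keep
# backups, dumps and logs outside the document root rather than relying on
# this rule alone.
location ~* ^/wp-content/.*\.(exe|sh|bak|log|sql)$ {
    deny all;
}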
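# Plesk-specific rules: hand requests for paths that do not exist on disk to
# /index.php, except for Plesk's own service paths.
# nginx "if" cannot combine two conditions, so $test collects one letter per
# condition ("P" = path missing, "C" = not a Plesk service path) and the
# rewrite fires only when the value is exactly "PC".

# Start from an empty value: without this, a request for an existing file
# reaches "${test}C" with $test never assigned and nginx logs an
# "uninitialized variable" warning for it.
set $test "";

if (!-e $request_filename) {
    set $test P;
}

if ($uri !~ ^/(plesk-stat|plesk-git|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon|internal-nginx-static-location)) {
    set $test "${test}C";
}

# NOTE(review): when these directives sit at server level they run before a
# location is selected, so a request for a missing file under one of the
# denied patterns in this file is rewritten to /index.php rather than answered
# by the deny rule; the deny rules still apply to files that exist. Confirm
# against the generated vhost configuration.
if ($test = PC) {
    rewrite ^/(.*)$ /index.php?$1;
}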