Hi, The following directives in /usr/local/nginx/conf/wpsecure_YOURDOMAIN.COM.conf # Block PHP files in includes directory. #location ~* /wp-includes/.*\.php$ { # deny all; #} # Block PHP files in uploads, content, and includes directory. #...