/ Register

Welcome to Centmin Mod Community
Become a Member

Nginx Wordpress wp-includes seem to have duplicate config?

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by rdan, Dec 8, 2018.

Previous Thread Next Thread
Loading...
  1. Dec 8, 2018 #1
    rdan

    rdan Well-Known Member

    5,452
    1,418
    113
    May 25, 2014
    Ratings:
    +2,212
    Local Time:
    4:06 PM
    Mainline
    10.2
    Code:
    # Deny access to any files with a .php extension in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ { deny all; }

# Block PHP files in content directory.
location ~* /wp-content/.*\.php$ { deny all; }

# Block PHP files in includes directory.
location ~* /wp-includes/.*\.php$ { deny all; }
    Is the same/duplicate to?
    Code:
    # Block PHP files in uploads, content, and includes directory.
location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ { deny all; }

     
  2. Dec 8, 2018 #2
    rdan

    rdan Well-Known Member

    5,452
    1,418
    113
    May 25, 2014
    Ratings:
    +2,212
    Local Time:
    4:06 PM
    Mainline
    10.2
    Code:
    location ~ ^/wp-content/updraft { deny all; }
    Is also duplicate on drop.conf
     
  3. Dec 8, 2018 #3
    eva2000

    eva2000 Administrator Staff Member

    58,894
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    6:06 PM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    yeah 1st post ones technically duplicates

    this is in separate include files so is important to have in both as some folks edit their vhosts and remove or disable one of these include files i.e. disable drop.conf
     
Previous Thread Next Thread
Loading...

.