Beta Branch update centmin.sh menu option 22 wpsecure include file template in 123.09beta01

update centmin.sh menu option 22 wpsecure include file template in 123.09beta01

- Update /usr/local/nginx/conf/wpincludes/${vhostname}/wpsecure_${vhostname}.conf template with Autoptimize fallback 404 nginx rewrite rule and also add additional security to wp-cloudflare-page-cache plugin to prevent it's debug.log from being publicly web accessible to everyone at /wp-content/wp-cloudflare-super-page-cache/yourdomain.com/debug.log when you install the wp plugin manually.
- Existing wordpress sites created via centmin.sh menu option 22 now have a newly added tools/wp-cache-enabler-generate.sh tool made for cache enabler cache plugin. But has an wpsecure generator option applicable to generated a new /usr/local/nginx/conf/wpincludes/${vhostname}/wpsecure_${vhostname}.conf with suffix in name = -generated-XXXXXX timestamped include file which you can use to compare with your existing one and then you can manually decide what to merge and keep yourself in the live /usr/local/nginx/conf/wpincludes/${vhostname}/wpsecure_${vhostname}.conf include file.
- Existing users can on 123.09beta01 or newer can run cmupdate command to update locate Centmin Mod code and then run tools/wp-cache-enabler-generate.sh tool's wpsecure option to generate the newer wpsecure include file and it will also do a universal diff compare highlighting the differences between your existing wpsecure include file and your newly generated one with suffix in name.

To run tools/wp-cache-enabler-generate.sh tool's wpsecure option in SSH session type:

Code (Text):

cd /usr/local/src/centminmod/tools
./wp-cache-enabler-generate.sh wpsecure yourdomain.com

You can see an earlier example of this tools output at Beta Branch - update centmin.sh menu option 22 wpsecure include file template in 123.09beta01

---

Continue reading...

123.09beta01 branch

• Branch: centminmod/centminmod
• Commit History: centminmod/centminmod

 

example output

Code (Text):

cmupdate
cd /usr/local/src/centminmod/tools
./wp-cache-enabler-generate.sh wpsecure msdomain.com

example output

Code (Text):

./wp-cache-enabler-generate.sh wpsecure msdomain.com
==========================================================================
Generate Wordpress wpsecure include file:
/usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf-generated-100920-084318
==========================================================================
generating updated Wordpress wpsecure include file at:
/usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf-generated-100920-084318
generated: /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf-generated-100920-084318
differences between existing and newly generated wpsecure_msdomain.com.conf file
/usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
versus
/usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf-generated-100920-084318
--- /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf    2020-09-04 21:38:22.484574312 +0000
+++ /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf-generated-100920-084318    2020-09-10 08:43:19.556050510 +0000
@@ -12,6 +12,12 @@
     }
 }
+location ~* /wp-content/cache/autoptimize/.*\.(js|css)$ {
+  include /usr/local/nginx/conf/php.conf;
+  add_header AO-Fallback 1;
+  try_files $uri $uri/ /wp-content/autoptimize_404_handler.php;
+}
+
 # allow AJAX requests in themes and plugins
 location ~ ^/wp-admin/admin-ajax.php$ { allow all; include /usr/local/nginx/conf/php.conf; }
@@ -38,6 +44,111 @@
   }
 }
+# Whitelist Exception for seo-by-rank-math
+location ~ ^/wp-content/plugins/seo-by-rank-math/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for amp
+location ~ ^/wp-content/plugins/amp/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for async-javascript
+location ~ ^/wp-content/plugins/async-javascript/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for autoptimize
+location ~ ^/wp-content/plugins/autoptimize/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for autoptimize-gzip
+location ~ ^/wp-content/plugins/autoptimize-gzip/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Security for wp-cloudflare-page-cache debug.log which is exposed to public access
+# /wp-content/wp-cloudflare-super-page-cache/yourdomain.com/debug.log
+location ~ ^/wp-content/wp-cloudflare-super-page-cache/msdomain.com/(debug.log)$ {
+  deny all;
+}
+
+# Whitelist Exception for wp-cloudflare-page-cache
+location ~ ^/wp-content/plugins/wp-cloudflare-page-cache/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for cloudflare
+location ~ ^/wp-content/plugins/cloudflare/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for post-grid
+location ~ ^/wp-content/plugins/post-grid/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
+# Whitelist Exception for breadcrumb-navxt
+location ~ ^/wp-content/plugins/breadcrumb-navxt/ {
+  include /usr/local/nginx/conf/php.conf;
+  include /usr/local/nginx/conf/staticfiles.conf;
+  # below include file needs to be manually created at that path and to be uncommented
+  # by removing the hash # in front of below line to take effect. This wpwhitelist_common.conf
+  # allows you to add commonly shared settings to all wp plugin location matches which
+  # whitelist php processing access at /usr/local/nginx/conf/wpincludes/msdomain.com/wpsecure_msdomain.com.conf
+  #include /usr/local/nginx/conf/wpincludes/msdomain.com/wpwhitelist_common.conf;
+}
+
 location ~ ^/(wp-includes/js/tinymce/wp-tinymce.php) {
   include /usr/local/nginx/conf/php.conf;
   include /usr/local/nginx/conf/staticfiles.conf;
saved log: /root/centminlogs/wp-cache-enabler-generate-wpsecure-100920-084318.log