ansible-playbooks/debian/roles/webservers-nginx/files/wordpress-security.conf
2014-05-07 16:51:02 +00:00

35 lines
833 B
Plaintext

# Global restrictions configuration file.
# Designed to be included in any server {} block.</p>
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Deny access to any files with a .php extension in the uploads directory
location ~* ^/wp-content/uploads/.*.php$ {
deny all;
access_log off;
log_not_found off;
}
# Deny access to any files with a .php extension in the uploads directory for multisite
location ~* /files/(.*).php$ {
deny all;
access_log off;
log_not_found off;
}