%PDF- %PDF-
Direktori : /etc/nginx/conf.d/users/rinforma/wpt.rinformaticos.com.ar/ |
Current File : //etc/nginx/conf.d/users/rinforma/wpt.rinformaticos.com.ar/wp-toolkit.conf |
# This file is automatically generated by WP Toolkit. # Please do not modify the contents of this file, because this can lead to reduced security or malfunctioning of your website. # If the file was accidentally modified or otherwise damaged, you can regenerate it by deleting it and reapplying all security # measures for this site in WP Toolkit UI. # "Block access to wp-config.php" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* wp-config.php { deny all; } # "Block access to xmlrpc.php" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* xmlrpc.php { deny all; } # "Forbid execution of PHP scripts in the wp-content/uploads directory" # To remove this rule, revert this security measure for WordPress installation #130 location ~* "^(?:/)wp-content/uploads/.*\.php" { deny all; } # "Forbid execution of PHP scripts in the wp-includes directory" # To remove this rule, revert this security measure for WordPress installation #130 location ~* "^(?:/)wp-includes/(?!js/tinymce/wp\-tinymce\.php$).*\.php" { deny all; } # "Disable scripts concatenation for WordPress admin panel" # To remove this rule, revert this security measure for WordPress installation #130 location ~* "^(?:/)wp-admin/(load-styles|load-scripts)\.php" { deny all; } # "Block author scans" # To remove this rule, revert this security measure for WordPress installation #130 if ($query_string ~ "author=\d+") { rewrite "^/(?!wp-admin/)" "/fake-author-scan" last; } # "Disable PHP execution in cache directories" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* ".*/cache/.*\.ph(?:p[345]?|t|tml)" { access_log off; log_not_found off; deny all; } # "Block author scans" # To remove this rule, revert this security measure on each WordPress installation on this domain location = /fake-author-scan { internal; deny all; } # "Block access to sensitive files" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* "(?:wp-config\.bak|\.wp-config\.php\.swp|(?:readme|license|changelog|-config|-sample)\.(?:php|md|txt|htm|html))" { return 403; } # "Block access to potentially sensitive files" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* ".*\.(?:psd|log|cmd|exe|bat|csh|ini|sh)$" { return 403; } # "Block access to .htaccess and .htpasswd" # To remove this rule, revert this security measure on each WordPress installation on this domain location ~* /\.ht { deny all; } # "Enable bot protection" # To remove this rule, revert this security measure on each WordPress installation on this domain if ($http_user_agent ~* "(?:acunetix|BLEXBot|domaincrawler\.com|LinkpadBot|MJ12bot/v|majestic12\.co\.uk|AhrefsBot|TwengaBot|SemrushBot|nikto|winhttp|Xenu\s+Link\s+Sleuth|Baiduspider|HTTrack|clshttp|harvest|extract|grab|miner|python-requests)") { return 403; } # WordPress permalink # To remove this rule, add "wordpressPermalinkHandlingFeature = false" in the [ext-wp-toolkit] section of panel.ini # then reconfigure the current domain set $sef_entry_point /; if ($uri ~* "^/") { set $sef_entry_point "/index.php?$args"; } location @wpt_permalinks_fallback { try_files $uri $sef_entry_point; } error_page 404 = @wpt_permalinks_fallback; error_page 405 = @wpt_permalinks_fallback;