17 lines
608 B
Plaintext
17 lines
608 B
Plaintext
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
|
|
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
|
|
location ~* /\.(?!well-known\/) {
|
|
deny all;
|
|
}
|
|
|
|
# Prevent access to certain file extensions
|
|
location ~\.(ini|log|conf)$ {
|
|
deny all;
|
|
}
|
|
|
|
# Deny access to any files with a .php extension in the uploads directory
|
|
# Works in sub-directory installs and also in multisite network
|
|
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
|
|
location ~* /(?:uploads|files)/.*\.php$ {
|
|
deny all;
|
|
} |