Welcome! Log In Create A New Profile

Advanced

How to restrict access to wordpress wp-login.php

Posted by dmitriano 
How to restrict access to wordpress wp-login.php
August 07, 2013 07:31AM
Hi!

I successfully restricted the access to wp-admin pages with the following directive (as shown here http://forum.nginx.org/read.php?11,220878):

location /wp-login\.php {
allow 192.168.1.3;
deny all;
}

But this directive does not work:

location /wp-login\.php {
allow 192.168.1.3;
deny all;
}

what is the difference between them? Probably the following "location ~ \.php$" affects "location /wp-login\.php" somehow? This directive also does not help:

location /wp-login {
allow 192.168.1.3;
deny all;
}


Below I provided the entire configuration file:

server {
root /home/devnote/www;

index index.php index.html;

access_log /var/log/nginx/devnote.access.log;

error_log /var/log/nginx/devnote.error.log info;

server_name ~^(www\.)?(?<domain>.+)$;
server_name ~^(?<domain>.+)$;

# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}

location / {
try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Rewrite for multi site files
rewrite /files/(.+)$ /wp-includes/ms-files.php?file=$1 last;

location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
expires max;
}

location /wp-admin {
allow 192.168.1.3;
deny all;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/www-devnote.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}



Edited 2 time(s). Last edit at 08/07/2013 07:36AM by dmitriano.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 309
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready