====== WordPress mit nginx ======

Ich verwende folgende Konfiguration für den nginx-Server um:

  * ein URL-Rewirte wie mit Apache .htaccess zu haben und
  * das Login und Admin-Backend auf IPs einzuschränken, da ich immer wieder Bruteforce versuche beobachte.

<code>
  error_page 418 = @php;
    
  location /wp-admin/ {
    allow x.x.x.x/y;
    deny  all;
  }
  
  location ~* ^/wp-login.php {
    allow x.x.x.x/y;
    deny  all;
    try_files $uri =404;
    return 418;
  }
  
  location ~ \.php$
  {
    return 418;
  }
  
  location / {
    try_files $uri $uri/ /index.php?$args;
  }
  
  location @php {
    fastcgi_pass unix:/var/run/php-www.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }
</code>

Alternative:

<code>
  location /wp-admin/ {
    allow x.x.x.x/y;
    deny  all;
  }
  
  location ~* ^/wp-login.php {
    allow x.x.x.x/y;
    deny  all;
    try_files $uri =404;
    fastcgi_pass unix:/var/run/php-www.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }
  
  location ~ \.php$
  {
    fastcgi_pass unix:/var/run/php-www.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }
  
  location / {
    try_files $uri $uri/ /index.php?$args;
  }
</code>