From: nutra-bot <nutradigest@gmail.com>
Date: Mon, 27 Jun 2022 14:41:09 +0000 (+0000)
Subject: wip wordpress
X-Git-Url: https://git.nutra.tk/v1?a=commitdiff_plain;h=8735dc4c57471e2f2b81beb9831dce92d3ac3b8a;p=nutratech%2Fvps-root.git

wip wordpress

	https://wordpress.org/support/article/how-to-install-wordpress/
	https://wordpress.org/support/article/nginx/
---

diff --git a/etc/nginx/conf.d/restrictions.conf b/etc/nginx/conf.d/restrictions.conf
new file mode 100644
index 0000000..c098d26
--- /dev/null
+++ b/etc/nginx/conf.d/restrictions.conf
@@ -0,0 +1,25 @@
+# Global restrictions configuration file.
+# Designed to be included in any server {} block.
+location = /favicon.ico {
+    log_not_found off;
+    access_log off;
+}
+ 
+location = /robots.txt {
+    allow all;
+    log_not_found off;
+    access_log off;
+}
+ 
+# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
+# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
+location ~ /\. {
+    deny all;
+}
+ 
+# Deny access to any files with a .php extension in the uploads directory
+# Works in sub-directory installs and also in multisite network
+# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
+location ~* /(?:uploads|files)/.*\.php$ {
+    deny all;
+}
diff --git a/etc/nginx/conf.d/wordpress.conf b/etc/nginx/conf.d/wordpress.conf
new file mode 100644
index 0000000..f1c8e62
--- /dev/null
+++ b/etc/nginx/conf.d/wordpress.conf
@@ -0,0 +1,45 @@
+# WordPress single site rules.
+# Designed to be included in any server {} block.
+# Upstream to abstract backend connection(s) for php
+upstream php {
+        server unix:/tmp/php-cgi.socket;
+        server 127.0.0.1:9000;
+}
+ 
+server {
+        ## Your website name goes here.
+        server_name domain.tld;
+        ## Your only path reference.
+        root /var/www/wordpress;
+        ## This should be in your http block and if it is, it's not needed here.
+        index index.php;
+ 
+        location = /favicon.ico {
+                log_not_found off;
+                access_log off;
+        }
+ 
+        location = /robots.txt {
+                allow all;
+                log_not_found off;
+                access_log off;
+        }
+ 
+        location / {
+                # This is cool because no php is touched for static content.
+                # include the "?$args" part so non-default permalinks doesn't break when using query string
+                try_files $uri $uri/ /index.php?$args;
+        }
+ 
+        location ~ \.php$ {
+                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+                include fastcgi.conf;
+                fastcgi_intercept_errors on;
+                fastcgi_pass php;
+        }
+ 
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+                expires max;
+                log_not_found off;
+        }
+}
diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default
index 1065901..77e721f 100644
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@@ -43,3 +43,26 @@ server {
   return 301 http://$1$request_uri;
 }
 
+
+# Wordpress
+server {
+        server_name  _;
+        return 302 $scheme://example.com$request_uri;
+}
+ 
+server {
+    server_name deveast.linode.poczatek.dev;
+    root /home/shane/nutra/wordpress;
+ 
+    index index.php;
+ 
+    #include restrictions.conf;
+ 
+    # Additional rules go here.
+ 
+    # Only include one of the files below.
+    include wordpress.conf;
+#    include global/wordpress-ms-subdir.conf;
+#    include global/wordpress-ms-subdomain.conf;
+}
+