Home > nginx > Nginx complete folder protection not working

Nginx complete folder protection not working

October 19Hits:0

I have installed nginx(1.4.3) with PHP-FPM(5.4.20). i want to protect my wordpress wp-admin folder.

my nginx configuration file domain.conf:

server {     listen 80;     server_name  example.com;     root /var/www;     location / {     index  index.php;     try_files $uri $uri/ /index.php?$args;     }      location /wp-admin {     index   index.php;     allow;     deny    all;     }     location ~ \.php$ {     fastcgi_pass;     fastcgi_index  index.php;     fastcgi_param  PATH_INFO $fastcgi_script_name;     fastcgi_param  SCRIPT_FILENAME  /var/www$fastcgi_script_name;     include        fastcgi_params;     } } 

Problem: When i load wp-admin folder in different ip i got 403(fine), but i'm able to load insite PHP files. like /wp-admin/about.php


When you access /wp-admin/about.php, the PHP location block processes the request. Not the /wp-admin block.

To achieve what you'd want, you'd need a PHP location block and try_files directive inside /wp-admin block. Here's the generic solution for your use case!

server {
  location / {

  location /wp-admin {
    # try_files ...;
    # allow   ip.ip.ip.ip;
    # deny    all;

    location ~* \.php$ {
      # directives to process PHP inside wp-admin

  location ~* \.php$ {
    # directives to process PHP outside wp-admin

Related Articles

  • Nginx complete folder protection not workingOctober 19

    I have installed nginx(1.4.3) with PHP-FPM(5.4.20). i want to protect my wordpress wp-admin folder. my nginx configuration file domain.conf: server { listen 80; server_name example.com; root /var/www; location / { index index.php; try_files $uri $uri

  • Ubuntu One - How To download a complete folder to a Windows Machine?November 16

    To download Ubuntu One Files to Windows is done one by one. Is there a way to download a complete folder? --------------Solutions------------- You can install Ubuntu One client on the Windows machine and sync the folder

  • cannot write to nginx www folderApril 29

    I've recently installed nginx on my dev machine with Ubuntu 12.04. I am currently logged in as myuser and after installing nginx I setup the following file permissions (nginx www folder was owned by root so I wanted to change that so I can edit files

  • Folder protection issueMay 11

    The folder protection in ispconfig3 works fine. But if there is already existing content in the .htacces file, which is most likely for the most cms systems using mod_rewrite, the contenet will be replaced with the new content. I think its a better i

  • ISPconfig 3 - Folder Protection acts weird

    ISPconfig 3 - Folder Protection acts weirdJanuary 13

    A nice feature in ISPconfig 3 but it if used it wipes out an already existing .htaccess file in order to add the auth code inside. It should jsut add the code to "the end" of the file. Now concerning the .htpasswd that it is creating in the same

  • Kein mod_rewrite nach folder-protection

    Kein mod_rewrite nach folder-protectionSeptember 4

    SOLVED: no mod_rewrite after folder-protection Hi. Yesterday I activated folder protection for testing on one folder. After deactivation of folder protection mod_rewrite was no longer working. Any suggestions ? thx & regards, dbvadmin --------------S

  • Folder Protection API

    Folder Protection APIApril 7

    Hi, Is there any Folder Protection API, or plans to have this? I cannot seem to find any web_folder commands in the remote API. For ISPConfig Would be great to be able to add folder protection via the API, as everything else we do is via the

  • Nginx redirect folder to subdomainJune 5

    I'm trying to configure a redirect on Nginx from a folder to a subdomain. I've tried already Nginx redirect: folder to external domain and Nginx rewrite rule (subdirectory to subdomain) and nginx: redirect subfolder to subdomain. Nothing works. The p

  • How to take backup of nginx cache folder along with metadata?July 8

    I want to take a backup of nginx cache folder ( the proxy_cache_path ) and its metadata of the main server and use that as the cache folder of a secondary server. This is so that if the main server goes down the secondary server can take its place an

  • nginx + directory listing + protected folder ... no luck ...February 20

    Hi forum! I have being reading around with nginx / protected folders mess here in the forum... but to no avail... so here I go posting again. The situation is a migration from an ISPconfig Apache setup to an Ispconfig NGINX setup. There is a download

  • NGinX Folder Protection not workingApril 14

    I'm on the latest ISPconfig version with all updates from jessie applied... When I go to "Sites > Web Access > Protected Folders" and "Sites > Web Access > Protected Folder Users" and setup a folder and a user it never make

  • Disable Gateway Timeout for Specific Nginx Port / FolderApril 17

    How can I disable the nginx timeout when accessing through a specific port, or simply a specified folder. Whichever is easier. Basically I have some scripts which need to execute for a long period of time and the gateway timeout is preventing them fr

  • How to completely password protect a zip file November 13

    I just tried to encrypt a folder with 7zip by command line choosing a password but when double-clicking on the zip file, it shows me the files list without asking any password. Is there any way to truly encrypt a folder by command line? -------------

  • How do I make nginx's folder moveable?August 27

    Currently when I compile nginx (in directory /home/parth/nginx), it embeds the prefix supplied to configure script in the nginx binary. Now when I move that folder around (let's say to /tmp), it breaks with following error message. Is there a way to

  • How to change the Nginx default folder?September 2

    I setup a server with Nginx and i set my Public_HTML in - /home/user/public_html/website.com/public And its always redirect to - /usr/local/nginx/html/ How can i change this ? Nginx.conf - user www-data www-data; worker_processes 4; events { worker_c

  • How to completely password protect login into Ubuntu 12.10?March 16

    I am running Ubuntu 12.10 on my laptop and I would like to make a set up such that without a login password, no one would be able to login into my system. Currently it seems that one can, quite easily, login into Ubuntu operating system using the rec

  • FTP folder protection pureftpd

    FTP folder protection pureftpdMarch 15

    Hi ! Sorry for my english. Is it possible ton protect a folder for ftp user like with proftpd where you can use a .ftpaccess : <Limit> DenyAll </Limit> I can't find information to do that with pureftpd witch is in ISPconfig. Thanks.

  • Nginx mp4 hotlink protection not workingAugust 15

    I try to protect hotlink for mp4 files, but does not work for me. This is the code I am using: location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { valid_referers none blocked; if ($invalid_referer) { return

  • How to check nginx root folderAugust 18

    I have a very basic 404 error: Description: HTTP 404.The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is

  • nginx git folder requestJanuary 10

    Im using nginx and git-web and it works great. I access my site using www.mydomain.org to pull up gitweb. Here is my config file: server { listen 80 default_server; listen [::]:80 default_server; server_name www.mydomain.org; return 301 https://$serv

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.495 s.