BizMarquee
Basic Pleskian
I've got Wordpress running with permalinks no problem using pure NGinx, but have one major issue and that is security. Usually with Wordpress I use an .htaccess file to block any .php file from running in the uploads folder. I found this directive from several resources:
location ~* /(?:uploads|files)/.*.php$ {
deny all;
access_log off;
log_not_found off;
}
However, when I plug it into Plesk's window for the nginx directives and save it, it has no effect and php runs just fine in the uploads folder.
Has anyone gotten this to work somehow? Or am I putting this code in the wrong place?
location ~* /(?:uploads|files)/.*.php$ {
deny all;
access_log off;
log_not_found off;
}
However, when I plug it into Plesk's window for the nginx directives and save it, it has no effect and php runs just fine in the uploads folder.
Has anyone gotten this to work somehow? Or am I putting this code in the wrong place?