• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

Question How to overrde "Security of the wp-content folder" with .htaccess

Laurence@

Laurence@

Regular Pleskian
What are the .htaccess directives to override this function. Say a user wants to secure /wp-content but allow 2 scripts to execute. Anyone know?
 
Laurence@ said:
What are the .htaccess directives to override this function. Say a user wants to secure /wp-content but allow 2 scripts to execute. Anyone know?
Click to expand...
I don't use .htaccess. However, you can turn off the wp-content security in the WordPress settings and re-enable it manually in your "Additional nginx directives" settings for each domain. Do something like this, enabling the PHP access for specific files then disabling it for all others:

Code: 
# Allow PHP for specific files while stopping all other PHP in wp-content (this is only for https content)
location ~* "^/wp-content/.*myspecialfile.php" {
   proxy_pass   https://myserveripaddress:7081;
   proxy_set_header Host   $host;
   proxy_set_header X-Real-IP   $remote_addr;
   proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
}
location ~* "^/wp-content/.*\\.php" { deny all; }
 
You must log in or register to reply here.

Similar threads

brother4
Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?
Replies
1
Views
1K
brother4
brother4
brother4
Question Custom rules for Mod Seruity 3.0 Nginx - WordPress protection
Replies
2
Views
1K
brother4
brother4
L
Resolved Plesk adding hex data to index.php after change of httpdocs folder
Replies
10
Views
2K
Liberator
L
L
Issue Wp Tool Kit Hopelessly Broke
Replies
4
Views
2K
Ladylinux
L
H
Question WP Toolkit: How does it apply the Security Suggestions?
Replies
1
Views
12K
Kaspar@Plesk
Kaspar@Plesk
Back
Top