# This file is automatically generated by WP Toolkit.
# Please do not modify the contents of this file, because this can lead to reduced security or malfunctioning of your website.
# If the file was accidentally modified or otherwise damaged, you can regenerate it by deleting it and reapplying all security
# measures for this site in WP Toolkit UI.
# "Block access to wp-config.php"
# To remove this rule, revert this security measure on each WordPress installation on this domain
location ~* wp-config.php { deny all; }
# "Enable hotlink protection"
# To remove this rule, turn off this feature for WordPress installation #30
if ($http_referer !~* "^$|^https?://(.*\.)?(canreach\.mhcollab\.ca|hmhc\.ca|google\.com)(:|/|$)") {
rewrite "^(?:/)wp-content/uploads/.*\.(gif|png|jpeg|jpg|svg)$" "/fake-hotlink-stub" last;
}
location = "/fake-hotlink-stub" {
internal;
if (!-f "/home/hmhc3928/public_html/canreach.mhcollab.ca/wpt-hotlinked-image-stub.png") {
return 403;
}
rewrite ^ "/wpt-hotlinked-image-stub.png" last;
}
# "Disable PHP execution in cache directories"
# To remove this rule, revert this security measure on each WordPress installation on this domain
location ~* ".*/cache/.*\.ph(?:p[345]?|t|tml)" {
access_log off;
log_not_found off;
deny all;
}
# "Block access to sensitive files"
# To remove this rule, revert this security measure on each WordPress installation on this domain
location ~* "(?:wp-config\.bak|\.wp-config\.php\.swp|(?:readme|license|changelog|-config|-sample)\.(?:php|md|txt|htm|html))" {
return 403;
}
# WordPress permalink
# To remove this rule, add "wordpressPermalinkHandlingFeature = false" in the [ext-wp-toolkit] section of panel.ini
# then reconfigure the current domain
set $sef_entry_point /;
if ($uri ~* "^/") {
set $sef_entry_point "/index.php?$args";
}
location @wpt_permalinks_fallback {
try_files $uri $sef_entry_point;
}
error_page 404 = @wpt_permalinks_fallback;
error_page 405 = @wpt_permalinks_fallback;