digitalocean/nginxconfig.io

wordpress.conf disable xmlrpc service by default

Open

#316 aperta il 29 dic 2021

Vedi su GitHub
 (5 commenti) (0 reazioni) (0 assegnatari)JavaScript (1978 fork)batch import
enhancementgood first issuehacktoberfesthelp wanted

Metriche repository

Star
 (26.979 star)
Metriche merge PR
 (Nessuna PR mergiata in 30 g)

Descrizione

Sorry for not following the template. It's a straightforward question.

By enabling "WordPress-specific rules", the following codes will be added to the wordpress.conf:

# WordPress: deny general stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
    deny all;
}

However, this disables xmlrpc feature, which disables WordPress mobile and desktop applications to access the site.

Should we consider adding a notice or make it optional?

Guida contributor