They mentioned any custom config will get overwritten on every EE upgrade if you use the normal NGINX Conf files and i’ve noticed there is a location for custom configuration here: /var/lib/docker/volumes/***********_config_nginx/_data/custom/user.conf
I just need a mod or someone to confirm this is the location and whether we can literally just paste the following command in the user.conf file to disable wordpress XML-RPC:
server {
…
location /xmlrpc.php {
deny all;
}
}
I get EE and appreciate EE is free, it’s got me me this far. However the lack of information on how to configure their latest version is a big negative for me. Especially as they have taken the route of using docker contains. 70% of the VPS & Linux guides do not apply to the EEV4 environment.
Paths are different, conf files are different, standard commands don’t work because the corresponding service only responds to EEV4 limited commands. You cannot manually update PHP or other critical services unless the EE team make the update available via their service, that in itself is a security risk.
I am at the point now where i am researching Runcloud and ServerPilot and planning on switching over and paying. If i am struggling this much with a tool when my site is not even live, it will be a nightmare when it’s live and i have to manage more threats etc.
I honestly hope someone from the EE team reads this, as they have created something good here. Dropping the ball on things like documentation and information taints it.