How to properly put wp-login.php behind nginx password auth?


#1

Maybe by using custom user and password. I’m sorry just a newbie on EsasyEngine.


#2

hello @RoldanLT

To put wp-login.php behind password authentication you to add extra below line into wpcommon.conf

location = /wp-login.php {

include common/acl.conf;
 fastcgi_pass php;
 include /etc/nginx/fastcgi_params;

}


#3

No :D, the correct way is to modify the line of code from:

  location = /wp-login.php {
  limit_req zone=one burst=1 nodelay;
  include fastcgi_params;
  fastcgi_pass php;
}

to

location = /wp-login.php {
  include common/acl.conf;
  limit_req zone=one burst=1 nodelay;
  include fastcgi_params;
  fastcgi_pass php;
}

That way it work :).

Thanks!


#4

Yes my mistake you need to modify this block rather than creating new location = /wp-login.php .

Also you can skip limit_req zone=one burst=1 nodelay; because any intruder at first need to pass HTTP authentication before he can enter to wp-login.php .


#5

But this modification will be revert when I update EE right? :confused:


#6