Write to NGINX

Hi Team Awesome!
I have ssh/sftp acces to the server and i'm tryin to add these lines into my config so that i can make Defender and hummingbird work 100% correct.

Can you help add it, i can't figure it out?

EDIT: Please don't post your details here as forums are public

Thanks a lot :slight_smile:
Kevin

  • Dimitris

    Hello Kevin,

    I hope you're having a beautiful day! :slight_smile:

    First of all, I edited your topic description here as our forums are public. Can you please, change these passwords and send the new credentials through our contact form https://premium.wpmudev.org/contact/ using this template:

    Subject: "Attn: Dimitris"
    -SFTP credentials (host/username/password)
    -link back to this thread for reference
    -any other relevant urls

    Select "I have a different question" for your topic - this and the subject line ensure that it gets assigned to me :slight_smile:

    After doing so, please grant us support access to your site in order to have a better look. You can find detailed information in https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Finally, can you please elaborate a bit more on this? Which aspects of HB and Defender aren't working for you? Please advise! :slight_smile:

    Warm regards
    Dimitris

  • Keviin

    Done :slight_smile:

    The things i need help to is this:

    The sites i refer to is hostet on the same server and some of the sites wont gzip and some can.
    It's the same with Defender and Prevent Information Disclosure.
    http://rebornincorporated.com/share/HB_gzip.png

    On gaia-jewels.com it wont but then i just installed WP on isreborn-com (test domain) and it works. You have access to both.

    Does it make any sense?

    Kevin :slight_smile:

  • Dimitris

    Hey there Kevin,

    thanks for sending us more info and granting us access! :slight_smile:

    Considering gaia-jewels.com, can you please add the following snippet, to the http section inside /etc/nginx/nginx.conf file?
    I was unable to save this file, due to perimissions set on the server.

    # Enable Gzip compression
    gzip          on;
    
    # Compression level (1-9)
    gzip_comp_level     5;
    
    # Don't compress anything under 256 bytes
    gzip_min_length     256;
    
    # Compress output of these MIME-types
    gzip_types
        application/atom+xml
        application/javascript
        application/json
        application/rss+xml
        application/vnd.ms-fontobject
        application/x-font-ttf
        application/x-javascript
        application/x-web-app-manifest+json
        application/xhtml+xml
        application/xml
        font/opentype
        image/svg+xml
        image/x-icon
        text/css
        text/plain
        text/javascript
        text/x-component;
    
    # Disable gzip for bad browsers
    gzip_disable  "MSIE [1-6]\.(?!.*SV1)";

    After saving the file, reload nginx with this command line
    service nginx reload
    and check again Hummingbird.

    It's the same with Defender and Prevent Information Disclosure.

    So, you should "Copy next code into your site specific .conf file usually located in a subdirectory under /etc/nginx/."
    As far as I can see this should be /etc/nginx/plesk.conf.d/server.conf. I really can't say for sure though, as I can't reach this file due to permission reasons, again. Can you please see if there's a "server" section in there, and insert next code right before the php location block (looks something like: location ~ \.php$ { ). Afterwards, reload nginx and check again Defender. :wink:

    ## WP Defender - Prevent information disclosure ##
    				# Turn off directory indexing
    autoindex off;
    
    # Deny access to htaccess and other hidden files
    location ~ /\. {
      deny  all;
    }
    
    # Deny access to wp-config.php file
    location = /wp-config.php {
      deny all;
    }
    
    # Deny access to revealing or potentially dangerous files in the /wp-content/ directory (including sub-folders)
    location ~* ^/wp-content/.*\.(txt|md|exe|sh|bak|inc|pot|po|mo|log|sql)$ {
      deny all;
    }
    				## WP Defender - End ##

    Looking forward to hear back from you!

    Kind regards,
    Dimitris

    PS. If you can resolve these permissions glitches that my user has, I can go on and proceed with all changes. :wink:

  • Keviin

    Thanks, Dimitris, but i do not know you can't save, i can't either :disappointed:
    We have plesk on our server, i can provide you the login details if you want to help with the acces and how to write on the config file, i'm unaware how to do it :disappointed:

    And the terminal stuff is way over my level, don't even know how get be the right place when i type the command. :disappointed: A little stupid at that point i'm afraid.

    Is there a way you can help or do i have to get som support from other people?

    Best
    Kevin

  • Dimitris

    Hi Kevin,

    can you please contact your hosting provider and ask them to make these changes for you?
    If they don't make such modifications and this comes down to Plesk control, feel free to send us your Plesk credentials throught our contact form https://premium.wpmudev.org/contact/ using this template:

    Subject: "Attn: Dimitris"
    -Plesk login url
    -Plesk credentials (username/password)
    -link back to this thread for reference
    -any other relevant urls

    Select "I have a different question" for your topic - this and the subject line ensure that it gets assigned to me :slight_smile:

    Kind regards,
    Dimitris

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.