refactor: Remove RedHat/CentOS support, focus on Ubuntu/Debian
BREAKING CHANGE: Removed RedHat/CentOS/Rocky Linux support to improve stability - Remove all RedHat/CentOS-specific code and variables - Consolidate Ubuntu/Debian variables into single debian-family.yml - Simplify CI/CD pipeline (remove CentOS tests) - Remove unstable multi-OS complexity - Update documentation to reflect Ubuntu/Debian focus - Streamline playbooks for better maintainability This change makes the project more stable and maintainable by focusing on the most common server distributions (Ubuntu/Debian) instead of trying to support multiple OS families with different package managers and configurations.
This commit is contained in:
@@ -1,75 +0,0 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name {{ domain_name | default('_') }};
|
||||
|
||||
root {{ wordpress_path }};
|
||||
index index.php index.html index.htm;
|
||||
|
||||
# Logging
|
||||
access_log {{ log_dir }}/nginx/wordpress_access.log;
|
||||
error_log {{ log_dir }}/nginx/wordpress_error.log;
|
||||
|
||||
# WordPress specific rules
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:{{ php_fpm_socket }};
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
include fastcgi_params;
|
||||
|
||||
# Security
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
}
|
||||
|
||||
# Deny access to hidden files
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# WordPress uploads
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# WordPress security
|
||||
location ~* ^/(wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# Deny access to any files with a .php extension in the uploads directory
|
||||
location ~* /(?:uploads|files)/.*\.php$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# WordPress REST API and XMLRPC protection
|
||||
location = /xmlrpc.php {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# Block access to wp-includes folders and files
|
||||
location ~* ^/wp-includes/.*.php$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# Block wp-content/uploads php files
|
||||
location ~* ^/wp-content/uploads/.*.php$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user