How to disable access to a file inside a directory nginx

fextru

3/12/23, 9:06 PM

Hello I'm trying to prevent access to the file /wp-admin/load-scripts.php in the nginx config I'm currently working with

 location ~ \/wp-admin\/load-(scripts|styles).php {
        deny all;
        }

and it's still allowing access to the file

150

0 + 0

nginx

Paul

3/12/23, 9:21 PM

Does `location ~ /wp-admin/load-(scripts|styles)\.php { deny all; }` work?

fextru

3/12/23, 9:26 PM

Nope, I've tried it and can confirm it dose not work :/

fextru

3/12/23, 9:28 PM

Just for reference this is what I'm trying to prevent https://wpcerber.com/how-to-protect-wordpress-against-cve-2018-6389/

Paul

3/12/23, 9:31 PM

I usually go the other way and `allow` what I need and `deny all`, but this requires testing all of the installed configured templates and plugins. In one config I do have specific location blocked, but for that I have `\.php$`. I can't remember now why I used the `$`.

fextru

3/12/23, 9:42 PM

Right but i don't need /load-scripts.php

Annahri

3/12/23, 11:57 PM

Does `location ~ /wp-admin/load-(scripts|styles)\.php$ { return 404; }` work?

Paul

3/13/23, 12:00 AM

Please post the `server` block.

fextru

3/13/23, 9:59 AM

i successfully got the configuration working but unfortunately the exploit still persists.

fextru

3/13/23, 9:59 AM

Thank you Paul and Annahri for the help

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to disable access to a file inside a directory nginx

TH: วิธีปิดการเข้าถึงไฟล์ภายในไดเร็กทอรี nginx

RO: Cum să dezactivați accesul la un fișier din directorul nginx

RU: Как отключить доступ к файлу внутри каталога nginx

VI: Cách vô hiệu hóa quyền truy cập vào một tệp trong thư mục nginx

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.