
Help with nginx template syntax :(

Greg

New Member
I need to disallow access to xmlrpc.php server wide for anything but localhost by adding it to this template below.

No idea if I can add it to the existing block that forbids wp-login.php or should add a new one?

Is that the most effective way to do it?

Sorry for the stupid question but I'm very new to nginx and need that urgently since the server is crashing every hour or so :(

and it's a sunny Saturday

Code:
server {
    listen      %ip%:%proxy_port%;
    server_name %domain_idn% %alias_idn%;
    error_log  /var/log/%web_system%/domains/%domain%.error.log error;

    location / {
        location ~ wp-login.php {
            allow 127.0.0.1;
            deny all;
        }

        proxy_pass      http://%ip%:%web_port%;
        location ~* ^.+\.(%proxy_extentions%)$ {
            root           %docroot%;
            access_log     /var/log/%web_system%/domains/%domain%.log combined;
            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   %home%/%user%/web/%domain%/document_errors/;
    }

    location @fallback {
        proxy_pass      http://%ip%:%web_port%;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include %home%/%user%/conf/web/nginx.%domain%.conf*;
}
 

Munzy

Active Member
Honestly that code looks like shit, my guess is you are crashing due to random loops or errors in that config. Doesn't even look like everything is in the server bracket.
 

Greg

New Member
well that's the default vestacp template with just this part added

location / {
    location ~ wp-login.php {
        allow 127.0.0.1;
        deny all;
    }

so you sure it is that bad?

anything constructive to say about how to actually do it?
 

DomainBop

Dormant VPSB Pathogen
anything constructive to say about how to actually do it?
I use plugins like 'bruteprotect' and 'disable xml-rpc pingback' instead of trying to do it in a nginx location block...

No idea if I can add it to the existing block that forbids wp-login.php or should add a new one?
I'd add a new location block for the xmlrpc.php block. 

If your server is constantly crashing try disabling access and error logging inside the 2 location blocks to reduce server load/disk writes 

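location = /xmlrpc.php {
    deny all;
    access_log off;
    # "off" is not a keyword for error_log (it would name a log file "off"),
    # so errors are sent to /dev/null instead
    error_log /dev/null crit;
}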

server is crashing every hour or so
what do the logs show when it crashes?
 
Last edited by a moderator:
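
One way to write the separate block suggested above so that requests from localhost still reach the backend, as an added example that is not part of any post in this thread. It reuses the VestaCP placeholders from the posted template; restating the wp-login.php rule as an exact-match block is an assumption about how the existing rule could be written.

```nginx
# Added example, not from the thread. %ip%, %proxy_port%, %web_port%,
# %domain_idn% and %alias_idn% are the placeholders from the posted template.
server {
    listen      %ip%:%proxy_port%;
    server_name %domain_idn% %alias_idn%;

    # Exact-match locations are selected before any regex location,
    # so neither the static-file regex nor "location /" handles this URI.
    location = /xmlrpc.php {
        allow 127.0.0.1;   # matches only connections whose source address is 127.0.0.1
        deny  all;         # every other client gets a 403 from nginx
        access_log off;    # no access-log line per blocked request

        # proxy_pass is not inherited from "location /", so a request
        # that passes the allow rule needs it repeated here.
        proxy_pass http://%ip%:%web_port%;
    }

    # Same pattern for the login page (assumed restatement of the
    # nested "location ~ wp-login.php" rule in the posted template).
    location = /wp-login.php {
        allow 127.0.0.1;
        deny  all;
        proxy_pass http://%ip%:%web_port%;
    }

    location / {
        proxy_pass http://%ip%:%web_port%;
    }
}
```

Denied requests never reach the Apache backend, which is where the occupied worker processes were reported.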

Greg

New Member
what do the logs show when it crashes?
well apache status was showing like 200 processes and 90% of them occupied by that same file from the different sites

probably someone taking advantage of my server to attack others

thank you! I'll try that code later

you guys are great
 