编辑 nginx.conf
隐藏nginx的版本号
server_tokens off;
server_info off;
server_tag off;
隐藏php版本号
fastcgi_hide_header X-Powered-By;
proxy_hide_header X-Powered-By;
禁止访问xmlrpc.php
location =/xmlrpc.php{
deny all;
}
禁止访问wp-config.php
location =/wp-config.php {
deny all;
}
禁止wp-content目录访问
location ~* ^/wp-content/ {
deny all;
}