From 4f9944ebdbae6a41ff26b3da432ac69731b570da Mon Sep 17 00:00:00 2001
From: Mitesh Shah
Date: Mon, 23 Sep 2013 11:36:27 +0530
Subject: [PATCH] Limit Access To Avoid Brute Force Attack With 403
---
etc/nginx/common/wpcommon.conf | 2 +-
usr/local/sbin/easyengine | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/etc/nginx/common/wpcommon.conf b/etc/nginx/common/wpcommon.conf
index 2e6a5ff7..cc02529a 100644
--- a/etc/nginx/common/wpcommon.conf
+++ b/etc/nginx/common/wpcommon.conf
@@ -2,7 +2,7 @@
 # Limit Access To Avoid Brute Force Attack
-location = \wp-login.php {
+location = /wp-login.php {
 limit_req zone=one burst=1 nodelay;
 include fastcgi_params;
 fastcgi_pass php;
diff --git a/usr/local/sbin/easyengine b/usr/local/sbin/easyengine
index 36aec607..8567bf1a 100755
--- a/usr/local/sbin/easyengine
+++ b/usr/local/sbin/easyengine
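Review bot: The exact-match `location = /wp-login.php` in wpcommon.conf only throttles a WordPress installed at the web root; a site served from a subdirectory (for example `/blog/wp-login.php`) would presumably fall through to the generic PHP handling without `limit_req`. If subdirectory installs are supported, a suffix match such as `location ~ /wp-login\.php$`, placed before any generic PHP regex location, would cover them. `xmlrpc.php` also accepts credentials and is not visibly limited in this hunk, so it may deserve the same `limit_req zone=one burst=1 nodelay;` line. The location block continues past the end of the hunk, so the remaining fastcgi settings were not reviewed.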
@@ -124,7 +124,7 @@ COMMONNGINX()
 sed -i "s/worker_processes.*/worker_processes `cat /proc/cpuinfo | grep processor | wc -l`;/" /etc/nginx/nginx.conf
 # Disable Nginx Version Set Custome Headers Variables And Proxy Settings
- sed -i "s/http {/http {\n\t##\n\t# Easy Engine Settings\n\t##\n\n\tserver_tokens off;\n\tadd_header X-Powered-By "EasyEngine";\n\tadd_header rt-Fastcgi-Cache \$upstream_cache_status;\n\tlimit_req_zone \$binary_remote_addr zone=one:10m rate=1r\/s;\n\n\t# Proxy Settings\n\t# set_real_ip_from\tproxy-server-ip;\n\t# real_ip_header\tX-Forwarded-For;\n\n\tfastcgi_read_timeout 300;\n\tclient_max_body_size 100m;\n\n/" /etc/nginx/nginx.conf
+ sed -i "s/http {/http {\n\t##\n\t# Easy Engine Settings\n\t##\n\n\tserver_tokens off;\n\tadd_header X-Powered-By "EasyEngine";\n\tadd_header rt-Fastcgi-Cache \$upstream_cache_status;\n\n\t# Limit Request\n\tlimit_req_status 403;\n\tlimit_req_zone \$binary_remote_addr zone=one:10m rate=1r\/s;\n\n\t# Proxy Settings\n\t# set_real_ip_from\tproxy-server-ip;\n\t# real_ip_header\tX-Forwarded-For;\n\n\tfastcgi_read_timeout 300;\n\tclient_max_body_size 100m;\n\n/" /etc/nginx/nginx.conf
 # Set Custome Logs
 sed -i "s/error_log.*/error_log \/var\/log\/nginx\/error.log;\n\n\tlog_format rt_cache '\$remote_addr - \$upstream_cache_status [\$time_local]'\n\t\t'\"\$request\" \$status \$body_bytes_sent'\n\t\t'\"\$http_referer\" \"\$http_user_agent\"';/" /etc/nginx/nginx.conf
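Review bot: The added `limit_req_status 403;` in the inserted http block makes a throttled login look the same in the access log as any other forbidden request, which makes brute-force attempts harder to alert on; `limit_req_status 429;` would keep throttling events distinct for log filters and ban tools. The directive only exists from nginx 1.3.15 on, so on an older package the rewritten nginx.conf would fail to load; running `nginx -t` after this sed and before any reload would catch that. The zone is also keyed on `$binary_remote_addr` while the `set_real_ip_from` / `real_ip_header` lines stay commented out, so behind a proxy or load balancer all visitors would share one bucket and a single attacker could get every legitimate login rejected. COMMONNGINX() starts and ends outside the hunk.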