# WordPress Common Settings


# Limit Access To Avoid Brute Force Attack
location = /wp-login.php {
	limit_req zone=one burst=1 nodelay;
	include fastcgi_params;
	fastcgi_pass php;
}

# Disallow PHP In Upload Folder
location /wp-content/uploads/ {
	location ~ \.php$ {
		#Prevent Direct Access Of PHP Files From Web Browsers
		deny all;
	}
}