# WordPress COMMON SETTINGS
# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee)
# Limit access to avoid brute force attack
location = /wp-login.php {
  limit_req zone=one burst=1 nodelay;
  include fastcgi_params;
  fastcgi_pass php;
}
# Disable wp-config.txt
location = /wp-config.txt {
  deny all;
  access_log off;
  log_not_found off;
}
# Disallow php in upload folder
location /wp-content/uploads/ {
  location ~ \.php$ {
    #Prevent Direct Access Of PHP Files From Web Browsers
    deny all;
  }
}
# Yoast sitemap
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
  rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
  rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
  # Rules for yoast sitemap with wp|wpsubdir|wpsubdomain
  rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
  rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
  # Following lines are options. Needed for WordPress seo addons
  rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
  rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
  rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
  rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
  access_log off;
}