# WordPress COMMON SETTINGS
# DO NOT MODIFY, ALL CHNAGES LOST AFTER UPDATE EasyEngine (ee)

# Limit access to avoid brute force attack
location = /wp-login.php {
	limit_req zone=one burst=1 nodelay;
	include fastcgi_params;
	fastcgi_pass php;
}

# Disable wp-config.txt
location = /wp-config.txt {
	deny  all;
	access_log off;
	log_not_found off;
}

# Disallow php in upload folder
location /wp-content/uploads/ {
	location ~ \.php$ {
		#Prevent Direct Access Of PHP Files From Web Browsers
		deny all;
	}
}

# Yoast sitemap
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
	rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
  rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
	rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
	rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;

  # Following lines are options. Needed for WordPress seo addons
  rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
	rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
	rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
	rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;

	access_log off;
}