If you know about NGINX and servers, Webinoly is for you!
0 votes
54 views
by Rookie
I tried to add the following code in my nginx custom config file.

location = /xmlrpc.php {
    deny all;
    access_log off;
    log_not_found off;
    return 444;
}

However, I got an error after restarting the nginx service because a "duplicate location" for /xmlrpc.php.

It is also specified in common/wpcommon.conf:

location = /xmlrpc.php {
   limit_req zone=one burst=1 nodelay;
   include fastcgi_params;
   fastcgi_pass php;
}

Is there any way to add custom code for the /xmlrpc.php location without directly editing the common/wpcommon.conf file? I'm worried that it will be overwritten on a future update.

As I understand, the existing code applies some kind of rate limiting. But I would rather shut the requests down completely because I have no use for xmlrpc.

1 Answer

0 votes
by Expert

Hi James,

You're right, the current code is only rate-limiting the requests to this file.

For now, the only way is to modify the wpcommon.conf file, definitely we need to change it and allow users to have their own choice at least with this specific file, especially when it's a very common case like this. I will add this feature in our roadmap and maybe we will have a permanent solution released in v1.14.0.

Nginx configuration files are not always overwritten in each Webinoly update, just when the stack version is raised. Check: sudo webinoly -v

Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.

Donations

Webinoly Support Paypal Donations Webinoly Support Bitcoin Donations GitHub Sponsors

Your regular donations is what keep this project moving forward. If you like Webinoly, buy me a coffee or a beer to show support.

Affiliate Links

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...