I have a pretty typical WordPress install behind nginx where I have rules defined like:
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Now, I want to IP restrict the admin and login pages, and I add the following before the above pasted code:
location ~ ^/(wp-admin|wp-login.php) {
allow $myip;
deny all;
}
This makes it so I can access wp-admin/ and wp-login.php only with the specified IP address, but it ends up downloading the .php files instead of proxying them to PHP then returning the result. How can I change the above rule to say just process the rest of the rules (i.e. fall into the “location /” or “location ~ .php” blocks?
