configuration - nginx.conf appeared in all WordPress installations on folder

I run a couple of WordPress sites on a cloud server that I own. All of these sites run on the same Apache installation. Recently, I've found that in all of my WordPress webroot folders, an empty file called nginx.conf has appeared.

Should I be concerned (about a security breach)? I don't think WordPress creates an nginx.conf file on the webroot when updating or being installed. But I can't find anything about this on Google.

Share Improve this question asked Mar 13, 2019 at 14:37 John Doe 2871 gold badge2 silver badges15 bronze badges

If you haven't already it's probably worth grepping your entire installation, including wp-content for plugins and theme, for nginx.conf to see if any of those might be doing it. I guess this is entirely self-hosted, i.e. you don't have WP Engine's mu-plugin or similar? Can you tell anything from the file ownership - i.e. was it written by the apache user - and timestamps on these files? If you delete them and update something do they come back? (e.g. you could clone a site and then update it to a beta channel if you're already on 5.1.1) – Rup Commented Mar 13, 2019 at 17:26
1 Thanks for suggesting to grep my entire installation. I found the issue. I have the iThemes Security plugin installed on all my WordPress sites, and this causes nginx.conf to be created in the root folders when certain config settings are run. – John Doe Commented Mar 14, 2019 at 3:33

Add a comment |

1 Answer 1

Sorted by: Reset to default 1

Late to the party but if anyone finds this as a result of a search.

this will have been auto-created when you installed Ithemes security.

By default, it will create an Nginx.conf file in the site public_html folder you can change the location of this file in the settings.

If it is on apache it shouldn't really do this though.

科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

configuration - nginx.conf appeared in all WordPress installations on folder

1 Answer 1

与本文相关的文章

评论列表(0)