Backend Protection does not work

Hi Jose,

Thank you very much! I attached a picture for you to see the warning message. As you see, the administrator URL should be protected, but I can login without it on this site. It's working on every Apache enviroments but not on the NGINX. I never had any problem with this before, but latly my several sites was hacked as the internet provider switched for NGINX silently.

BR,
Boldi

 

You're welcome Boldi.

After your hosting provider switched to nginx, did you click on the "Generate rules" button on left top of the page? If not maybe the old .htaccess still exists; in that case you must generate a new one using the "Generate rules" button (You should rename your .htaccess before doing that to be fully sure we are not overriding current content).

Please try this and tell me if it works.

Regards,
Jose

HI,
Yes, I've tried it. When I click on GENERATE RULES button, it generate a file, which I can save on my local machine. You can check it on the picture. Where should I put this file? I don't have access to the server, I only have a PLESK acount where I can manage my domains, DB,s, files, etc.
BR,
Boldi

Hi Boldi,

Then it's working fine. By nginx design I can't add the rules to the proper file as we do in apache with the .htaccess file. So I generate the rules you (or your hoster) must put in the right file (typically into nginx/sites_available/default):

 

Sorry but this is a matter of how Nginx is designed.

Regards,
Jose

Hi Jose,
Thank you! I really appreciate your kind and quick help.
I'll check it with my server provider.
BR,
Boldi

You're welcome Boldi!

Regards,
Jose