How to correctly setup location block for Wordpress at /blog on existing site

I have installed Wordpress at the /var/www/html/wordpress and modified my sites-available file as shows:

server {
        root /var/www/html/;
        index index.php index.html;
        access_log /var/log/nginx/;
        error_log /var/log/nginx/;
        set $yii_bootstrap "index.php";
        charset utf-8;

location / {
        index  index.html $yii_bootstrap;
        try_files $uri $uri/ /$yii_bootstrap?$args;

<^>location /blog/ {
        alias /var/www/html/wordpress;
        index index.php index.html index.htm index.nginx-debian.html;
        try_files $uri $uri/ /blog/index.php$is_args$args;

        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
location ~ ^/(protected|framework|themes/\w+/views) {
        deny  all;

location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
        try_files $uri =404;

location ~ \.php {
        fastcgi_index index.php;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        set $fsn /$yii_bootstrap;
        if (-f $document_root$fastcgi_script_name){
            set $fsn $fastcgi_script_name;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;

## other lines below unchanged as they are for certbot

I am getting a 403 forbidden error when going to, and it shows in the access logs that way.

The main site is running yii, so I’m not sure what else I need to do to allow this access. Normally I’d allow my IP access in an .htaccess file but I don’t know how to set that up for this situation.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

To use .htaccess files you will need a create a .htpasswd file outside of the root directory for it to point to.

Assuming you have a server running Apache 2.4, you can create a .htaccess file like this one below. The example below will password protect the info.php file in the root directory and will require both a password and a device originating from the dynamic DNS (underlying IP address). However, you change the DDNS for an IP instead.

DDNS (Dynamic DNS) maps your public IP address from your home ISP broadband to a domain name so that you don’t have to keep typing IP addresses in all the time, and instead use an easily remember-able name. is my free favourite one.


<Files info.php>
AuthType Basic
AuthBasicProvider file
AuthName "Authentication Required"
AuthUserFile "/etc/apache2/.htpasswd_store/.htpasswd"
    Require forward-dns
    Require valid-user
    Require ip

You can create the .htpasswd file with

sudo htpasswd -b /etc/apache2/.htpasswd_store/.htpasswd username password

You will need to add the AllowOverride parameter in Apache’s virtulhost section too so that it looks for `.htaccess files.

    <Directory />
        DirectoryIndex index.html index.php
        AllowOverride All