weval-l99/wp_deny.conf

# V86 WP scanner attacks blocker
location ~ ^/(wp-login\.php|xmlrpc\.php|wp-admin|wp-includes|wp-content|\.env)$ {
    deny all;
    access_log off;
    log_not_found off;
    return 444;
}