• Home
  • WordPress
  • web Hosting
    • Free hosting
    • Cheap Hosting
    • comparison cloud , vps, shared, wordpress
    • managed wordpress hosting
    • managed cloud hosting
  • page Speed
  • Deals
  • Services
  • About

RAaz Kumar .com

wordpress tutorials seo hosting etc


Top 10 tips to improve nginx server security

 

inorder to implement security rules, first we know the types attacks & vulnerabilities of server, or linux kernel.

most common attacks are

#1 brute force attacks ddos (to take down the server)

#2 SQL injection (to gain access to database to steal valuable info like customer credit card details)

#3XSS cross site injection

sending post requests from their severs, to our database.

#4 application level vulnerabilities, kernel level etc.

 

 

 

rate limiting

we can configure it in nginx.conf
blocking certain ip address , once it reaches the maximum request per second.
this way we can avoid brute force attacks

disable unwanted modules /install with required modules

so we limit operation
less exposure
# ./configure –without-http_autoindex_module
# make
# make install

Disable nginx server_tokens

server_tokens off
in nginx.conf

avoid large buffer size

large_client_header_buffers
client_max_body_size
client_header_buffer_size
client_body_buffer_size

disable unwanted methods

location /
{limit_except GET HEAD POST { deny all; }}
unwanted methods like delete trace blocks by nginx.

install mod security or other waf solutions

setup critical access loge for convienent
error_log logs/error.log crit;

Monitor nginx with status module /New relic / datadog

nginx statut module free but you need recompile the nginx.
or follow the approache how to use nginx dynamic modules
New relic & data dog server & application monitoring services at entrepreneur level.
also try netdata.
my recommendation is newrelic, you can also track on android app.

#add security headers

disable iframes on other websites
add_header X-Frame-Options “SAMEORIGIN”;

Strict-Transport-Security only https

add_header Strict-Transport-Security “max-age=31536000; includeSubdomains; preload”;

CSP and X-XSS-Protection headers

CSP
content security policy, xss crosite scripting attacks,
you must understand the policies must before yding this.
add_header Content-Security-Policy “default-src ‘self’ http: https: data: blob: ‘unsafe-inline'” always;
Xss
getting data from your server database by post requests .
add_header X-XSS-Protection “1; mode=block”;

Confogure latest ssl vesions & ciphersuites

ssl 3 or tls 1 version old its easy to hckable.
tsl 1.2 also some vulnarebilies
tls 1.3 new but almost all browser supports now as on 2020
ssl_protocols TLSv1.2 TLSv1.3
ciphersuites Based on server not from user
ssl_prefer_server_ciphers on;

update nginx upto date

to know what’s they fixed, added new features.
always do
apt-update
upgrable command
thrn check details on their website nginx.org
to check nginx security
Install gixy
pip install gixy
&run
gixy
it checks
/etc/nginx/nginx.conf
iptables /ufw /firewall d also helps to strengthen the security.
https://github.com/yandex/gixy
https://www.digitalocean.com/community/tools/nginx?domains.1.server.domain=example2.com

Related topics:

  1. linux security limits.conf deciding user limits process limits for nginx server
  2. 3 Ways (SCP, rsync, Sftp) linux server migration between two remote server apache nginx
  3. nginx conf explained best config file performance tuning tips nginx.conf location errors tutorial
  4. apache server tutorial (install,config, performance tuning, security, error handling)
  5. nginx server tutorials (installation, configuration, performance tuning, security)

tutorials

  • Vivek Bindra Videos Transcription (business strategy)
  • git commands
  • new relic php agent install in 3 steps
  • new relic mysql install integration - 2 ways fix problems
  • new relic installation linux (infrastructure agent , php, mysql , nginx)
  • xampp tutorials 2021 installation errors fix wordpress phpmyadmin mysql apache
  • Redis performance metrics & tuning for nginx apache ubuntu & debian
  • Devops course Syllabus topics PDF AWS, Azure, cisco, redhat
  • CCNA Syllabus pdf (CCNA / CCNP vs devops vs mcsa /MCSE)
  • how to create a website free of cost on google
  • what is vpn vs proxy vs tor, http vs https, http2, tcp vs udp, kali linux sql source code injection
  • nginx server tutorials (installation, configuration, performance tuning, security)
    • Top 10 tips to improve nginx server security
    • install phpmyadmin ubuntu nginx 22.04
    • php fpm install ubuntu 20.04 nginx
    • nginx upstream response is buffered to a temporary file
    • php fpm ondemand vs dynamic vs Static (the dynamic pool problem)
    • Php fpm configuration for 1000 concurrent connections server busy max children reached
    • php fpm seems busy fixed warning and max children reached to handle max connections / requests
    • newrelic nginx integration process and errors fix and metrics
    • datadog nginx integration installation process
    • nginx rate limiting explained by location time specific url
    • SSL faster reduce TLS hand shake improve https performance
    • monitor nginx request with nginx status amplify datadog new relic
    • nginx installation on ubuntu 20.04 LTS
    • enable brotli compression nginx brotli vs gzip
    • nginx performance tuning
    • Letsencrypt SSL Installation on apache/Nginx ubuntu / debian wordpress
    • letsencrypt install configure on ubuntu / debian nginx
    • what is TTFB & how to Reduce it (server response time) Google pagespeed
    • php fpm restart nginx ubuntu enable status page, monitor etc
    • php fpm pool manager configuration settings based on server spike high cpu wordpress
    • nginx modules list (enable, disable, upgrade, install dynamic module)
    • nginx rewrite rules with examples 301 redirection
    • use nginx as reverse proxy and load balancer for apache wordpress
    • nginx conf explained best config file performance tuning tips nginx.conf location errors tutorial
    • nginx errors (504,502, 413, unable to start, syntax errors)
    • Pagespeed module install, configure, monitor, errors ft nginx &apache
    • Apache vs nginx (connection handling, modules, memory usage)
    • install LEMP Stack on 22.04 LTS Nginx MySQL PHP fpm #wordpress #digital ocean
    • nginx fastcgi cache wordpress how to configure
    • fix error 520 522 524 on cloudflare wordpress godaddy nginx etc
  • MySQL Tutorial (create,connect database, update tables, export etc) Documentation & TIPS
  • AUdio Editing Background Noise removal (Audacity, Adobe Premiere Addition, Camtasia Filmora Windows Obs)
  • Android Studio tutorials syllabus Topics Course details #AndroidApplicationDevelopment
  • [INTRO] Ethical hacking / cyber Security / Penetration testing Tutorial -{updates frequently}
  • redis install ubuntu 20.04 with wordpress php redis mysql configuration
  • ubuntu tutorials installation download issues etc
  • Php tutorials
  • HTML & CSS Tutorials
  • Core Java Tutorial Free online
  • Linux sysadmin tutorials linux system administrator
  • apache server tutorial (install,config, performance tuning, security, error handling)

 

 

wordpress Pagespeed optimization

Digitalocean free $100 Credit

Cloudways Review pricing promo codes

Siteground cpu limits Pricing

Shared Hosting

Managed wordpress Hosting

Managed Hosting Cloud server

VPS Hosting

Cloud Hosting – Unmanaged

Google cloud Pricing

Aws Pricing

Azure pricing

nginx server tutorials

apache server tutorials

linux sysadmin tutorials

mysql Commands list pdf

LEMP Install Ubuntu

Mysql Performance Tuning

Nginx Performance tuning

Linux Performance tuning

Php -fpm performance tuning

Redis Performance tuning

linux server security

nginx security best practices

wordpress security plugins

 

 

wordpress

 

Top 5  WP Google Analytics Plugins

WP Backup Plugins

Wp Comment Plugins

Top wordpress Security Plugins

WP Seo Plugins

WP Caching Plugins

Best Adsense Plugins for WordPress

Wp social Sharing Plugins

autoshare social media plugins

WP speed Optimization Plugins

Speedup WordPress google Score

More Wp tuts

Server Admin Cloud

 

Installing Nginx LEMP On ubuntu

Installing apache Lamp ubuntu

nginx fastcgi cache enable

php – fpm install  & Configuration

Opcache install & Configure

php -fpm pool manager explained

Mysql Install & Configuration

Redis Object cache install & configure

 

Nginx as Reverse Proxy and Load balancer

Load Balance / auto scaling in google cloud

Linux Commands PDF

Mysql Commands Pdf

Letsencrypt tutorial

mysqldump export & import 

Pagespeed Module install & configure

nginx.conf best file

mysql.conf best file

upgrade ubuntu

© 2023 - All Rights Reserved Disclaimer & Privacy Policy