Protect wp-admin with Nginx
Are you running WordPress on nginx? A massive security win is securing your wp-admin area by limiting IP access. How? Easy.
Drop these lines into your nginx.conf or relevant vhost config file
Disabling Dangerous PHP Functions in a Shared Environment
PHP is an incredibly versatile language and if used in the wrong way, either maliciously or by accident has the potential to mess up an entire webserver. This can be a major problem if you are offering a shared hosting environment.
There is an often overlooked php.ini setting called disable_functions at hand.
Minify CSS on the fly with nginx
Code minification rules, but it sucks. The process of removing all unnecessary characters from source code, without changing its functionality. Brilliant! It reduces the amount of data, at byte level that needs to be transferred, so your site loads faster. But its a pain for developers as it involves shoving code through a minimiser before uploading, an extra step increasing development time.
Decreases of upto 70% are easily achieved.
Well, as if you needed another reason to ditch Apache, here's another one. nginx allows us to minify on the fly. Here's how.
Installing nginx & PHP-FPM securely on CentOS
I won't go into the reasons why you should install nginx, if you're here, you've already decided.
Here's how I installed nginx and PHP-FPM on CentOS.
Passing Every ~ \.php$ request to to PHP
It is common with Nginx to pass every URI ending in .php to the PHP parser, if using a default PHP build this might lead to security issues. Nginx is a reverse proxy and as such does not have a concept of file unless you specifically tell it to. So if your configuration looks like this.
