Hiding the nginx server version for security or PCI compliance reasons is super simple.
Just add
server_tokens off;
into your nginx.conf.
Kieran Barnes-Lucas – Independent PHP, WordPress, Woocommerce & CakePHP Programmer
Are you running WordPress on nginx? A massive security win is securing your wp-admin area by limiting IP access. How? Easy.
Drop these lines into your nginx.conf or relevant vhost config file.
Continue reading “Protect wp-admin with Nginx”
PHP is an incredibly versatile language and, if used in the wrong way, either maliciously or by accident, has the potential to mess up an entire web server. This can be a major problem if you are offering a shared hosting environment.
An often overlooked php.ini setting called disable_functions is at hand.
Continue reading “Disabling Dangerous PHP Functions in a Shared Environment”
Code minification rules, but it sucks. It is the process of removing all unnecessary characters from source code without changing its functionality. Brilliant! It reduces the amount of data, at byte level, that needs to be transferred, so your site loads faster. But it’s a pain for developers, as it involves shoving code through a minimiser before uploading, an extra step that increases development time.
Decreases of up to 70% are easily achieved.
Well, as if you needed another reason to ditch Apache, here’s another one. nginx allows us to minify on the fly. Here’s how.
Continue reading “Minify CSS on the fly with nginx”
I won’t go into the reasons why you should install nginx; if you’re here, you’ve already decided.
Here’s how I installed nginx and PHP-FPM on CentOS.
Continue reading “Installing nginx & PHP-FPM securely on CentOS”
It is common with Nginx to pass every URI ending in .php to the PHP parser. With a default PHP build, this might lead to security issues. Nginx is a reverse proxy and as such does not have a concept of a file unless you specifically tell it to. So if your configuration looks like this.