Hardening

From 6bit.ch wiki
Revision as of 22:08, 3 January 2023 by Xbl (talk | contribs) (Created page with "= nginx = === HTTP Config === /etc/nginx/nginx.conf:</br> <code>server_tokens off</code> Stop the server from advertising versions</br> <code>add_header X-Frame-Options SAMEORIGIN always</code> Stop the website to be framed into other websites</br> <code>add_header X-Content-Type-Options nosniff</code> Avoid MIME type sniffing by saying that the MIME types are deliberately configured</br> <code>add_header X-XSS-Protection "1; mode=block"</code> lock pages from loading w...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

nginx

HTTP Config

/etc/nginx/nginx.conf:
server_tokens off Stop the server from advertising versions
add_header X-Frame-Options SAMEORIGIN always Stop the website to be framed into other websites
add_header X-Content-Type-Options nosniff Avoid MIME type sniffing by saying that the MIME types are deliberately configured
add_header X-XSS-Protection "1; mode=block" lock pages from loading when they detect reflected XSS attacks

Server Config

location /(wp-admin|wp-login\.php) {\ allow 1.2.3.4;\ deny all;\ } Block access to /wp-admin/, unless source IP is 1.2.3.4

Retrieved from "http://wiki.6bit.ch/index.php?title=Hardening&oldid=103"