Angel
I noticed that the default config for NGINX on ploi has this file
/etc/nginx/sites-available/catch-all
With this line
server { return 404; }
If you change this from 404 to 444
server { return 444; }
With this, when the URL assigned to the server does not exist, the server won't return a 404 with the nginx version and a lot of other information, but instead it will drop the connection directly and give 0 information to the attacker/bot, etc. Easy change that will improve the ploi default server config.
Increase NGINX default security
Dennis moved item to board Under review (6 months ago)
Angel moved item to project Server Level Requests (6 months ago)
Angel created the item (6 months ago)
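
A client-side check for the change requested above, added here as an example (not part of the original request and not ploi's code): `probe` sends one request with a Host header the server does not serve and reports either the status and Server header it got back or that the connection was closed with no bytes. `stub_catch_all`, `SAMPLE_404` and the host name `unknown.invalid` are constructed stand-ins so the script runs offline; point `probe` at your own server to test a real catch-all.

```python
import socket
import threading

# Constructed sample of a 404 reply that exposes a Server header.
SAMPLE_404 = (b"HTTP/1.1 404 Not Found\r\nServer: nginx/0.0.0\r\n"
              b"Content-Length: 0\r\nConnection: close\r\n\r\n")

def probe(host, port, host_header, timeout=3.0):
    """Return ("dropped", None) if the peer closes without sending a byte
    (the `return 444` behaviour), else (status_code, server_header)."""
    req = f"GET / HTTP/1.1\r\nHost: {host_header}\r\nConnection: close\r\n\r\n"
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(req.encode("ascii"))
        try:
            while chunk := s.recv(4096):
                data += chunk
        except ConnectionResetError:
            pass  # a reset before any data also counts as a drop
    if not data:
        return ("dropped", None)
    head = data.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    status = int(head[0].split()[1])
    server = next((line.split(":", 1)[1].strip() for line in head[1:]
                   if line.lower().startswith("server:")), None)
    return (status, server)

def stub_catch_all(reply):
    """Hypothetical local stand-in for the catch-all vhost: answers one
    connection with `reply` (b"" imitates 444). Returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.recv(4096)          # read the request
            if reply:
                conn.sendall(reply)  # 404 case: status line and headers
        srv.close()                  # 444 case: close, nothing sent

    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    for name, reply in (("return 404", SAMPLE_404), ("return 444", b"")):
        port = stub_catch_all(reply)
        print(name, "->", probe("127.0.0.1", port, "unknown.invalid"))
```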