ben/diyhosting
ben
/
diyhosting
1
0
Fork 1
Code Issues 1 Pull Requests Projects Releases Wiki Activity

hide nginx tokens

This commit is contained in:
Luke Smith 2021-08-29 16:47:53 -04:00
parent 91b729ac5b
commit 208d31af3e
No known key found for this signature in database
GPG Key ID: 4C50B54A911F6252
2 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
maintenance.html
View File

@ -14,7 +14,7 @@
<main>
<p>Here are some important topics you should be familiar with whenever you are managing a server.</p>
<h2>Keep packages up to date.</h2>
<h2 id="update">Keep packages up to date.</h2>
<p>All GNU/Linux distributions use package managers to easily be able to install and update packages without manually downloading them.
On Debian, which we use here for these tutorial the package manager is <code>apt-get</code> or <code>apt</code> for short.
</p>

14
nginx.html
View File

@ -13,7 +13,7 @@
<nav></nav>
<main>
<p>At this point, we should have a domain name and a server and the domain name should direct to the IP address of the server with DNS records.
As I said in previous articles, the instructions I will give will be for <strong>Debian 10</strong>.
As I said in previous articles, the instructions I will give will be for <strong>Debian</strong>.
In this article, other distributions might work a little differently.</p>
<h2>Logging in to the server</h2>
@ -48,7 +48,7 @@
</p>
</aside>
<h2>Installing the Webserver: NGINX</h2>
<h2>Installing the Webserver: Ngninx</h2>
<p>
If the program runs without an error, <code>ssh</code> has now logged you into your server.
@ -217,6 +217,16 @@ Port 80 is the canonical webserver port, while 443 is the port used for encrypte
We will certainly need that for the next page.
</p>
<h2>Nginx security hint</h2>
<p>By default, Nginx and most other webservers automatically show their version number on error pages.
It's a good idea to disable this from happening because if an exploit comes out for your server software, someone could exploit it. Open the main Nginx config file <code>/etc/nginx/nginx.conf</code> and find the line <code># server_tokens off;</code>. Uncomment it, and reload Nginx.
</p>
<p>
Remember to <a href="maintenance.html#update">keep your server software up to date</a> to get the latest security fixes!
</p>
<h2>We now have running website!</h2>
<p>