1242035

Source: https://www.cyberciti.biz/tips/linux-unix-bsd-nginx-webserver-security.html

This page collects hints how to improve the security of nginx web servers running on Linux or UNIX-like operating systems.

Default Config Files and Nginx Port

/usr/local/nginx/conf/ or /etc/nginx/– The nginx server configuration directory and /usr/local/nginx/conf/nginx.conf is main configuration file.
/usr/local/nginx/html/ or /var/www/html– The default document location.
/usr/local/nginx/logs/ or /var/log/nginx – The default log file location.
Nginx HTTP default port : TCP 80

SansGuidon

Basics

generate key in batch mode using a custom profile

gpg --gen-key --batch gpgspecs

create a file with your fingerprint info and display the related information. A fingerprint is used as a robust key identifier

gpg --fingerprint

Best practices

StevenACoffman

#!/bin/bash

function safe_curl() {
    # call this with a url argument, e.g.
    # safecurl.sh "http://eureka.test.cirrostratus.org:8080/eureka/v2/apps/"
    # separating the (verbose) curl options into an array for readability
    hash curl 2>/dev/null || { echo >&2 "I require curl but it's not installed.  Aborting."; exit 1; }
    hash jq 2>/dev/null || { echo >&2 "I require jq but it's not installed.  Aborting."; exit 1; }
    hash sed 2>/dev/null || { echo >&2 "I require sed but it's not installed.  Aborting."; exit 1; }

theankitgaurav

map()

Use it when: You want to translate/map all elements in an array to another set of values.

Example: convert Fahrenheit temps to Celsius.

var fahrenheit = [0, 32, 45, 50, 75, 80, 99, 120];

var celcius = fahrenheit.map(function(elem) {

kgorskowski

#!/bin/bash
ADMIN_ACC_ID=$1
SESSION_NAME="adminsession"

case "$1" in
  'Account1')
  ADMIN_ACC_ID=1234567890
  AWS_REGION=eu-central-1
  ;;
  'Account2')

andreicristianpetcu

An Ansible summary

Jon Warbrick, July 2014, V3.2 (for Ansible 1.7)

Configuration file

intro_configuration.html

First one found from of

drmalex07

README

Services declared as oneshot are expected to take some action and exit immediatelly (thus, they are not really services, no running processes remain). A common pattern for these type of service is to be defined by a setup and a teardown action.

Let's create a example foo service that when started creates a file, and when stopped it deletes it.

Define setup/teardown actions

Create executable file /opt/foo/setup-foo.sh:

heri16

#@ /etc/quagga/bgpd.conf (Centos & Ubuntu)

hostname <Local OS hostname>
password <Any random phrase>
enable password <Any random phrase>
!
log file /var/log/quagga/bgpd
!debug bgp events
!debug bgp zebra
debug bgp updates

fevangelou

# === Optimized my.cnf configuration for MySQL/MariaDB (on Ubuntu, CentOS, Almalinux etc. servers) ===
#
# by Fotis Evangelou, developer of Engintron (engintron.com)
#
# ~ Updated September 2024 ~
#
#
# The settings provided below are a starting point for a 8-16 GB RAM server with 4-8 CPU cores.
# If you have different resources available you should adjust accordingly to save CPU, RAM & disk I/O usage.
#

ageis

⚠️ Content below I now consider obsolete. My latest guide is now located here: Technical guide for using YubiKey series 4 for GPG and SSH. Please consult that resource instead.

---

Quick GPG Smartcard Guide