Nginx

Adding the Expires header to improving caching of static content in nginx

Want to improve caching on your nginx web server? Learn how to set the Expires header and enhance your nginx configuration.

Summary

Learn how to define the Expires header in nginx to improve the caching of static assets.

Nginx security hardening guide

Learn how to secure your nginx configuration with this hardening guide. It includes examples and tips to implement security measures step by step.

How to see all virtual hosts in nginx

Want to see all configured virtual hosts on a server running nginx? Here is a method to achieve this quickly by using a default configuration option.

Summary

How to display the configured hosts by filtering out the server_name entries

How to log only some requests to a log file in nginx

Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!

Summary

Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!" Log only some events by HTTP status Creating a map using $status The $status variable contains the HTTP status code that is normally returned to each request. We can leverage this status code to set a so-called boolean (true/false, or 1/0). Let’s define first the map and use the HTTP status.

How to block POST requests in nginx

Want to block all HTTP POST requests in nginx? There are multiple ways to achieve this and within this article we look at the best fit.

Summary

Why block POST requests in the first place? Some websites or resources don’t need POST requests, such as a statically generated website. It looks like POST requests also take some CPU time within nginx to process them compared with static files. This becomes visible when using the $request_time variable to customize the access log. 2024-04-02T10:14:39+00:00 404 a.b.c.d “POST /xmlrpc.php HTTP/1.1” 562 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.

Hiding the nginx version number

Security professionals usually don't advise to use "security through obscurity". Still, it's wise to hide the nginx version number.

Summary

If you care about security, making your system “lean” is one very good start. Remove all clutter, like unused packages. It is part of system hardening and considered a good practice. This also applies to leaking of version numbers, which can only be harmful. Yes.. it is security through obscurity. But why would you reveal specific details about your environment to attackers? In this article we have a look at the very popular Nginx web server daemon.