Web
Building a better web together by creating more secure Linux web servers, hardening their configuration, and optimize websites.
Hardening nginx with systemd security features
Secure your nginx service by using security features provided by systemd. We have a look at the available options that systemd units can offer.
Test web server caching with curl
Want to test your web server and see if static files are properly cached? Curl can help and with some scripting even automate the task for you.
Adding the Expires header to improve caching static content in nginx
Want to improve caching on your nginx web server? Learn how to set the Expires header and enhance your nginx configuration.
Curl cheat sheet
This curl cheat sheet contains commands and examples of common tasks that can be performed with curl. Covering a wide range of curl options, tricks, and tips.
Nginx security hardening guide
Learn how to secure your nginx configuration with this hardening guide. It includes examples and tips to implement security measures step by step.
How to see all virtual hosts in nginx
Want to see all configured virtual hosts on a server running nginx? Here is a method to achieve this quickly by using a default configuration option.
RSS is cool! Some RSS feed readers are not (yet)...
Even after years, RSS is still being used by many. With more RSS clients to choose from, we discovered that not all of them behave like a good bot.
How to log only some requests to a log file in nginx
Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!
Web
All articles and tips to create a better website or optimize your webserver configuration. Let's build a better web together!
Pre-compress static assets with Brotli and Gzip
Let's make the web a smaller place by pre-compressing static assets with Brotli and Gzip. Here are some useful tips to get started.
How to block POST requests in nginx
Want to block all HTTP POST requests in nginx? There are multiple ways to achieve this and within this article we look at the best fit.
How to test if a website supports Brotli or Gzip compression
Optimizing a web server and its content can be done using brotli and gzip compression. This article shows a few ways to test your website.
How the web changes with HTTP/2: Performance and Security
The web changes and so does one of the most important underlying protocols HTTP. Learn about HTTP/2 and what it means for performance and security.
Delete a HSTS Key Pin in Chrome
Here are the steps to take on Chrome when a HSTS key pin is set on a website, but incorrect. Go to the net-internals settings to search for the domain.
Deleting Outdated HPKP Key Pins in Firefox
HPKP is great to pin a certificate to a website, unless it starts blocking access to it. Here is how to solve the issue for an oudated HPKP key pin.
Hardening WordPress Security and Reduce Information Disclosure
WordPress installations are easy to be hacked if they disclose too much information, like version numbers. Let's do some hardening!
Quick Tip: Disable Adobe Flash Player in Chrome
The end of Adobe's Flash Player is near. Learn how to disable it within the Chrome browser, so it no longer can be used.
Protecting the browser: Web of Trust
Systems running Linux might be a safe option, yet web browsers and the user will always be under attack from malicious scripts.
Optimize SSL/TLS for Maximum Security and Speed
Everyone loves secure websites, as long as they are quick. Let's configure our website for maximum security and performance, at the same time.
Securing nginx configurations: implementing OCSP stapling
OCSP stapling is a logical follow-up on Online Certificate Status Protocol. With newer versions of Nginx we can enable OCSP stapling and enable testing.
Disable SSLv3 in Lighttpd to protect against POODLE attack
Protecting against the POODLE attack with Lighttpd is easy by changing its configuration. Disable SSLv2 and SSLv3 to limit the attacks on the SSL protocol.
Configure HSTS (HTTP Strict Transport Security) for Apache and Nginx
HTTP Strict Transport Security (HSTS) is a security capability to force clients to use HTTPS. In this article, we implement HSTS for Apache and Nginx.
Hiding the nginx version number
Security professionals usually don't advise to use security through obscurity. Still, it's wise to hide the nginx version number.