Following my last post about how to ensure a bit more our wordpress instance, today I implemented some basic rules for nginx that can be useful to block some automate brute force attacks to our wordpress administration panel generated by
Script to blacklist bad guys in nginx
There we’ve a small script to generate a list of IP’s to deny in nginx. In that case I use this script to enhance the security of this blog and try to reduce some spam generated from some bots. This
Enable HTTP Strict Transport Security in Apache & Nginx
HSTS (HTTP Strict Transport Security) is a security protocol that force the use of SSL in the comunication between the web browser and the web server. This standard is recently approved (2 october 2012) by the IETF, but the first