Home 2015 January

Turn off Nginx version display

By default Nginx likes to show it’s version in the reply header of every request and on error pages. It is important to turn off the nginx version disclosure in order to prevent attackers to find potential exploits for your nginx server version. While this is generally a problem, I suspect that the secure “do […]

“Secure” config for OpenSSH 6.6 Ubuntu 14.04

When using a standard Ubuntu1 14.04 installation, it will be configured half-way secure. However, to achieve no findings on vulnerability scanners like nessus, you’ll need to tweak the settings further. Another nice side-effect is, that attackers are usually using outdated systems which means that they’re not even able to get to the authentication part. Disable […]