TechWhale

Back

How to secure your site from SQL Injection, Exploits and Spamming Agents using Nginx.How to secure your site from SQL Injection, Exploits and Spamming Agents using Nginx.

Nginx is one of most popular web server that has so many features that even it may surprise you. One of best feature of Nginx that it has huge library of security policies that it makes your web-server absolute hacker-proof and you won’t even need another tool to protect your sites.

All your Nginx sites config can be import from another location so for clean code we are going to keep the security policies on a separate configuration file.

Lets call our file a security.conf under “/etc/nginx/”

There are variant of attacks can be done by attackers and famous attack types are listed down below,

  • SQL Injection
  • File Injection
  • Spam
  • User Agents
  • Bandwidth Hogs and Hacking Tools

Here’s the security.conf file content as follows,

$ cd /etc/nginx
bash
$ nano security.conf 
bash

Paste below code into the file and save the file using CTRL + X and ENTER.

Now, Go to the site-available folder and add the below line to running site configuration file to secure the site,

For example, If you wish to protect the www.example.com.conf then edit the file and add before closing ” } ” 

 include security.conf;
bash

Since, security.conf file exists at /etc/nginx folder root path so you don’t have to put whole file path.

After these changes you will need to reload nginx configuration if everything is in order but before that verify Nginx configuration is working properly following this command,

$ sudo nginx -t
bash

if output of above command shows this then it’s mean all went OK…

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
yaml

Next step is to reload Nginx service to see the effect of configuration we made in the website.

$ service nginx reload
bash

Voila!! You’re SET!!

How to secure your site from SQL Injection, Exploits and Spamming Agents using Nginx.
https://techwhale.in/how-to-secure-your-site-from-sql-injection-exploits-and-spamming-agents-using-nginx/
Author Mayur Chavhan
Published at July 20, 2021

Related posts