How to configure the security settings of Nginx server through the Pagoda panel

With the popularity of the Internet, the number of websites has also increased. Due to cost and convenience considerations, many websites choose to use Nginx servers. But the security of Nginx server still needs us to continuously strengthen. As an excellent web server management tool, Pagoda Panel's security functions also provide great convenience to the majority of webmasters. Next, the author will introduce how to perform security settings on the Nginx server through the Pagoda panel.

1. Change the SSH default login port

SSH is a protocol used to remotely manage your services and file systems, and is often used for server security maintenance. In order to improve the security of the server, we should change the default login port of SSH to a non-common port. You can do this through the following steps:

1. After logging in to the Pagoda panel, click "SSH" in the left navigation bar, find the "SSH Port" option and modify it. You can customize an unused port that is greater than 1024 and less than 65535. It is recommended not to use too conspicuous numbers.
2. After the modification is completed, the modified port should be opened in the firewall in time, otherwise the SSH connection will not be successful. It can be operated through the "Firewall" in the Pagoda panel.

2. Set up the Nginx security module

The ngx_http_secure_link module that comes with the Nginx server provides a set of security algorithms to ensure the legitimacy of the HTTP request source. It can effectively prevent malicious requests or links from being accessed frequently, thereby increasing the load on the server. You can set it up through the following steps:

1. After logging in to the Pagoda panel, click "Website" in the left navigation bar, find the "Nginx" option and enter.
2. In the "Nginx" settings page, click the "Advanced Features" option and select "Advanced Configuration File" in the pop-up window.
3. Add the following code to the advanced configuration file:

location /download/ {
  secure_link $arg_sec_key,$arg_expires;
  secure_link_md5 "$secure_link_expires$uri$remote_addr mysecretkey";
  if ($secure_link = "") { return 403; }
  if ($secure_link = "0") { return 410; }
}

Among them, "mysecretkey" should be replaced with your own key.

4. After the modification is completed, the Nginx server should be restarted to make the settings take effect. It can be operated in "Service Management" in the Pagoda Panel.

3. Turn on anti-hotlinking

Anti-hotlinking can prevent unauthorized sites from using your pictures and videos, thereby protecting your site content and traffic and reducing server pressure. You can set it up through the following steps:

1. After logging in to the Pagoda panel, click "Website" in the left navigation bar, find the "Nginx" option and enter.
2. In the "Nginx" settings page, click the "Advanced Features" option and select "Advanced Configuration File" in the pop-up window.
3. Add the following code to the advanced configuration file:

location ~* .(gif|jpg|jpeg|png|flv|mp4|mp3|wmv|avi|ogg|swf)$ {
  valid_referers none blocked *.example.com;
  if ($invalid_referer) {
    return 403;
  }
}

Among them, "example.com" should be replaced with your own site domain name.

4. After the modification is completed, the Nginx server should be restarted to make the settings take effect. It can be operated in "Service Management" in the Pagoda Panel.

Summary:

It is essential to take some security measures, especially when your server carries important data or business applications, so it is recommended that you update the Nginx server Set for strict security. Through the simple operation of the pagoda panel, you can add a solid defense wall to the server.

The above is the detailed content of How to configure the security settings of Nginx server through the Pagoda panel. For more information, please follow other related articles on the PHP Chinese website!