Skip to main content

Posts

Showing posts from May, 2018

NginX - Mitigating Slowloris Attack

Technically, NginX is not vulnerable to Slowloris attack. But the default configurations may not be able to handle Slowloris attack. HEXADIX has published a how-to that is simple to follow: https://hexadix.com/slowloris-dos-attack-mitigation-nginx-web-server/ The key steps are to increase the value of certain variables: Under nginx.conf, add the followings: worker_rlimit_nofile 102400; events { worker_connections 100000; } Check the system and user open file limit.
Post a Comment
Read more

Ubuntu 16.04LTS / Alibaba Cloud | NginX | Lets Encrypt installation

After standard installation of Perfect Server Ubuntu 16.04LTS, the LetsEncrypt fails to activate. The error log has the following errors: Deserialization error: Wrong directory fields Try re-install Lets Encrypt https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04 sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-nginx Then return to ISPConfig panel and try to activate again.
Post a Comment
Read more