Plugin for attacks mitigation

Install plugin and enable (force update also)

wp plugin install --activate https://s.getcloud.info/nexos/mitigation/archive/mitigation-0.04.zip --force

Enable nginx mitigations

Go to vhost configuration and include mitigation/nginx.conf from this plugin.

For example if plugin is at /home/mysite.com/wp-content/plugins/mitigation add following code to nginx conf at server block:

server {
  server_name mysite.com;
  ...
  include /home/mysite.com/wp-content/plugins/mitigation/nginx.conf;
...
}

Remove "Server: nginx" at http headers

apt install libnginx-mod-http-headers-more-filter

Edit /etc/nginx/nginx.conf at http block:

http {
    more_set_headers "Server: Unicef";
    ...

Y después:

service nginx reload