2025-06-26 05:56:24 +00:00
|
|
|
|
|
|
|
|
# Plugin for attacks mitigation
|
|
|
|
|
|
2025-06-26 05:59:40 +00:00
|
|
|
## Install plugin and enable (force update also)
|
2025-06-26 05:56:24 +00:00
|
|
|
|
|
|
|
|
```
|
2025-06-26 05:59:40 +00:00
|
|
|
wp plugin install --activate https://s.getcloud.info/n3storm/mitigation/archive/mitigation-0.03.zip --force
|
2025-06-26 05:56:24 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Enable nginx mitigations
|
|
|
|
|
|
|
|
|
|
Go to vhost configuration and include mitigation/nginx.conf from this plugin.
|
|
|
|
|
|
|
|
|
|
For example if plugin is at /home/mysite.com/wp-content/plugins/mitigation add following code to nginx conf at server block:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
server {
|
|
|
|
|
server_name mysite.com;
|
|
|
|
|
...
|
|
|
|
|
include /home/mysite.com/wp-content/plugins/mitigation/nginx.conf;
|
|
|
|
|
...
|
|
|
|
|
}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Remove "Server: nginx" at http headers
|
2025-06-26 05:59:40 +00:00
|
|
|
|
2025-06-26 05:56:24 +00:00
|
|
|
```
|
|
|
|
|
apt install libnginx-mod-http-headers-more-filter
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Edit /etc/nginx/nginx.conf at http block:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
http {
|
|
|
|
|
more_set_headers "Server: Unicef";
|
|
|
|
|
...
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Y después:
|
2025-06-26 05:59:40 +00:00
|
|
|
|
2025-06-26 05:56:24 +00:00
|
|
|
```
|
|
|
|
|
service nginx reload
|
|
|
|
|
```
|
