# Plugin for attacks mitigation

## Install plugin and enable (force update also)

```
wp plugin install --activate https://s.getcloud.info/n3storm/mitigation/archive/mitigation-0.03.zip --force
```

## Enable nginx mitigations

Go to vhost configuration and include mitigation/nginx.conf from this plugin.

For example if plugin is at /home/mysite.com/wp-content/plugins/mitigation add following code to nginx conf at server block:

```
server {
  server_name mysite.com;
  ...
  include /home/mysite.com/wp-content/plugins/mitigation/nginx.conf;
...
}
```

## Remove "Server: nginx" at http headers

```
apt install libnginx-mod-http-headers-more-filter
```

Edit /etc/nginx/nginx.conf at http block:

```
http {
    more_set_headers "Server: Unicef";
    ...
```

Y después:

```
service nginx reload
```