Reverse cache not working on start pages (solution founD)
Lucas Rolff
lucas at lucasrolff.com
Thu Oct 12 11:39:59 UTC 2017
If your server gets hacked due to a single website, you have bigger problems, and mod_security won’t fix the issue.
Consult with security professionals or give the task of managing your infrastructure to someone that can properly secure the environment.
On 12/10/2017, 13.26, "nginx on behalf of Dingo" <nginx-bounces at nginx.org on behalf of nginx-forum at forum.nginx.org> wrote:
You are right. I didn't know what canonical url:s where, but now I know. Yes
there is in fact two servers. One server is running Apache with a website
that has maybe 10 different DNS-domains pointing to it and then there is
another server running IIS with lots of websites but usually only one
DNS-domain pointing to each of them. The IIS server has a control panel
software that enables customers to add both websites and DNS-records, so I
don't want to change the configuration in my nginx proxy every time someone
adds or changes something on that server, so there needs to be a bit of
compromising.
I have very limited knowledge about how to configure and protect webservers
and the reason all this is happening now, is that the IIS server has been
hacked due to an old wordpress vulnerability in a plugin called revslider,
so I have had to do things in a bit of a hurry. When I installed nginx i
didn't know that it was revslider, so nginx didn't fix the problem, so the
server got hacked once again. I have now installed modsecurity, which seems
to have stopped the problem.
I am seriously considering using nginx plus, but it's not entirely my
decision and my colleagues are already upset over all cost surrounding the
web-servers at the moment.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,276670,276836#msg-276836
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list