Not to get too far off topic, but unless your server is important (government, financial, etc.), it is most likely the hacks it will receive are just "sprayed." They don't care what rev of OS you are running. The hacker tries a number of exploits on IP space known to host servers. Who you are is
On 2020-04-22 3:14 a.m., Francis Daly wrote:
On Tue, Apr 21, 2020 at 07:09:41PM -0400, Paul wrote:
Hi there,
I confess I'm not quite certain what you are reporting here -- if you
can say "with *this* config, I make *this* request and I get *this*
response, but I want *that* response instead", i
Thank you for your support. I will take all your inputs into consideration
to fix this issue.
On Tue, Apr 28, 2020 at 8:47 PM J.R. wrote:
> > Okay. I exactly don't know how the Security Testing Team is able to get
> the
> > kernel information. They use Qualys and Nessus for performing tests. All
> Okay. I exactly don't know how the Security Testing Team is able to get the
> kernel information. They use Qualys and Nessus for performing tests. All I
> can say is only port 443 allowed to the server and I thought asking you
> guys if it is from Nginx or is there any way to handle it. Server is
The Nginx binary compiled on one system can be run on a similar
architecture system as it is portable code.
The ones you download from the repo are compiled on a machine to binary by
the repo maintainer
you can ship the binary in a tool like rpm or deb
On Tue, Apr 28, 2020 at 7:13 PM Praveen Kum
I usually install from the official nginx apt repo. But since I want to use
modules like more_set_headers which requires building nginx from source,
I'm looking for best practices.
On Tue, Apr 28, 2020 at 6:50 PM Reinis Rozitis wrote:
> > Can I compile nginx on Ubuntu 16.04 and reuse it on other
The key is the key you used when you generated the CSR.
The key remains on your machine at all times not sent to godaddy.
On 28/04/2020 13:46, Aran wrote:
Hi,
[emerg] SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl/domain.key") failed
(SSL: error:0909006C:PEM routines:get_name:no start line:Expect
The test is GUESSing, it's written there in the link you posted. What are
your HTTP headers - what do you expose there? Do you expose your nginx
version to clients? Like in headers? Error pages? From those, it's possible
determine used OS and then guess kernel information. Is your app leaking
this
> Can I compile nginx on Ubuntu 16.04 and reuse it on other deployments? Or do
> I need to compile every time ? Please advise.
As far as the hosts have all the shared libraries like openssl/pcre etc (you
can check with 'ldd /path/to/nginx') there is no need to compile every time and
you can jus
It depends on how you compile.
First of all have a look at the repository of you distribution or nginx
itself it's easier to update for bugfix or security impacts.
The 2'nd way can be to upgrade you server and get a newer nginx.
If that all is not an option I would prefer a build a debian packag
Okay. I exactly don't know how the Security Testing Team is able to get the
kernel information. They use Qualys and Nessus for performing tests. All I
can say is only port 443 allowed to the server and I thought asking you
guys if it is from Nginx or is there any way to handle it. Server is behind
Hi,
[emerg] SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl/domain.key") failed
(SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY
PRIVATE KEY error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM
lib)
We bought ssl certificates from godaddy and tried to install their
guida
Hello,
Can I compile nginx on Ubuntu 16.04 and reuse it on other deployments? Or
do I need to compile every time ? Please advise.
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
13 matches
Mail list logo