Best practice secure WordPress NGINX configuration for Plesk

by Danila Vershinin, September 18, 2020

WordPress Security WordPress is the most popular CMS for running a website. As such, it is the target for all kinds of malicious bots. The most effective way of reducing security risks associated with WordPress is the proper server configuration. Secure WordPress NGINX configuration must be built on the assumption that any unknown script is […]


Best practice secure NGINX configuration for WordPress

by Danila Vershinin, September 5, 2020

We review and approach to secure NGINX configuration for WordPress prevents launching malicious scripts and only allows core and plugin files execution


NGINX basics. How to create redirects

by Danila Vershinin, July 14, 2020

Understanding redirects in NGINX. How to create efficient redirection rules in NGINX configuration


NGINX and PHP-FPM. What my permissions should be?

by Danila Vershinin, July 13, 2020

Proper file permissions and ownership model for NGINX / PHP-FPM powered websites. The secure chmod and shown setup


Install NGINX RTMP module in CentOS/RHEL or Amazon Linux

by Danila Vershinin, April 22, 2020

How to install and enable NGINX RTMP module in CentOS/RHEL or Amazon Linux. Quick instructions to empower your NGINX with streaming capabilities


How to install the Better Brotli NGINX module in Plesk for CentOS/RHEL 7 or 8

by Danila Vershinin, March 28, 2020

How to enable Brotli compression in Plesk for CentOS 7 or CentOS 8


How to add Lua scripting power to your NGINX in under one minute

by Danila Vershinin, March 27, 2020

How to add fast LuaJIT scripting to your NGINX


How to install the ModSecurity NGINX module in CentOS/RHEL 8

by Danila Vershinin, February 20, 2020

Here’s how to easily install ModSecurity for NGINX in CentOS/RHEL 8.


Protect your signup forms from SPAM with NGINX and CleanTalk

by Danila Vershinin, September 6, 2019

Suppose you’re running Mautic on CentOS 7 machine. You’ve created a signup form and placed it on the front page of your website. The form is very simple: an input for an email address and Subscribe button. Bots are hitting it hard. They submit email addresses to your form, your database of subscribers have lots […]


NGINX and phpMyAdmin. When you have to…

by Danila Vershinin, August 18, 2019

The phpMyAdmin is the famous web client for MySQL databases. However, being an open-source product, it is subject to security vulnerabilities. The best thing is not using it at all. All the modern MySQL GUI clients support connecting via SSH tunneling. So you don’t have to open MYSQL port for outside. Neither you expose the […]