[Updated 2020-12-04] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.
Who wants to issue certificates manually if they can take Letsencrypt’s Certbot to the task.
When setting up https on an existing server, you need to provide a redirect for all those visitors arriving via http backlinks. Here is how to do this.
Here’s a tip on how to fix the error message:
nginx.service: Failed to read PID from file /run/nginx.pid: Invalid argument
quick and easy. This fix should do it for you.
When the server can’t write to the session data directory, if will use /var/cache/nginx/fastcgi_temp/ and complain in the error log. You don’t want any of these errors, but a setting considered insecure will not even be reported as such. Here is how to bolster your PHP 7 session security with NGINX and php-fpm.