INTERNAL CONFIGURATIONS FOR THE HARDENING SECURITY IN NGINX
Keywords:Despliegue Seguro, Fortalecimiento, Nginx, Seguridad Informática, Servidor web.
The notorious evolution of technologies has led to the rising of increasingly complex cybernetic attacks. Web servers are the foundations supporting these technologies, interacting directly, besides, with the operating system which makes them an attractive target for cyber attackers. The denominated Nginx server has reached recently a great popularity, becoming thus a constant target for the search for vulnerabilities in such a way that analysis of popular open-source web servers revealed important security holes, despite the obvious efforts of their developer communities. These vulnerabilities leave both applications and their no expert users in a "security limbo" opened to exploitation, for what it is almost mandatory and necessary, to apply additional measures and configurations to those established by default during initial deployment. Therefore, the objective of this research was to organize and implement measures to harden security through the different configuration mechanisms for the Nginx web server. These measures were applied in applications available on the Internet in 2018, being effective to guarantee the confidentiality, integrity, and availability of information in the face of attacks, risks, and threats of all kinds, thus contributing to the secure computerization process that is taking place in the country.
How to Cite
The authors who publish in this journal agree to the following terms:
- The authors retain the copyright and guarantee to the journal the right to be the first publication of the work are distributed under a license of use and distribution "Creative Commons Attribution-NonCommercial-NoDerivativeWorks 3.0 Unported" (CC BY-NC-ND 3.0) You can consult from here the informative version and the legal text of the license that allows others to share the work with an acknowledgement of the authorship of the work and the initial publication in this journal.
- Authors may separately enter into additional agreements for non-exclusive distribution of the version of the work published in the journal (for example, placing it in an institutional repository or publishing it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are allowed and encouraged to disseminate their work electronically (e.g., in institutional repositories or on their own website) before and during the submission process, as this can lead to productive exchanges as well as earlier and greater citation of published work (see The Effect of Open Access).