# Nginx Per Server Settings
# About
Nginx web server is an light weight open-source web server.
Servers running Nginx will automatically inherit the Global Application setttings. In addition to the General Per Server Settings there are a handful of customisable configurations specific to Nginx:
# php-fpm Settings
php.ini automatically inherits the php.ini settings defined in your Global Application settings. Inherited directives can be identified by the 'Inheritied' tag.
It is possible to override these php-fpm settings and add additional custom directives to a specific server.
To override or add custom directives to a server:
- Click Servers in the left side bar
- Locate the server you would like to enable ModSecurity on
- Select Manage from the drop down menu
- Scroll to the Roles section
- Select the Application tab then select php settings
- Select the row to edit an existing directive or select Add directive to add a custom directive
# Virtual Host Includes
You can include custom configuration within a virtual host. This is an advanced feature and should be done carefully; incorrect syntax will take down your web server.
To add custom virtual host configuration for a site, log in to your server with SSH as root and edit the file at /var/local/enhance/nginx/vhost_includes/example.com.conf
where example.com is the domain for which you want to add the custom configuration. This file will be included at the end of the server
block for this domain and will apply to http and https.
# ModSecurity
ModSecurity can be enabled/disable through the Enhancee control panel. Once enabled, you can use Enhance's inline editor to customise security settings, define rules, and how ModSecurity detects and responds to web threats.
By default the OWASP ruleset is enabled offering a set of predefined security rules to help protect the web server against common vulnerabilities such as SQL injection, cross-site scripting (XSS), and more. The OWASP version can update through the Enhance panel.
To enable ModSecurity on an Nginx server:
- Click Servers in the left side bar
- Locate the server you would like to enable ModSecurity on
- Select Manage from the drop down menu
- Scroll to the Roles section
- Select the Application tab then select ModSecuirty
- Toggle on or Off
# Custom Configuration (nginx.conf)
It is not possible to edit the primary nginx.conf. Any changes made to this file will be lost on update. If you would like to make changes to the NGINX configuration please do so by using the Virtualhost techique detailed above.