Navid

HI, I would to Import and big database file around 2.5 G, to a user account(website) kindly guide on how can I cope with please. Note: I used this command : mysql -u alemaren_gild -p alemaren_statute < alemaren_english.sql but it's not working and I getting access dined error. waiting for you help thanks.

Hi, dear Sandeep you're always very helpful, God Bless you. I added the config like below: user nobody; worker_processes auto; #worker_rlimit_nofile 65535; error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; multi_accept on; } http { sendfile on; tcp_nopush on; tcp_nodelay on; client_header_timeout 3m; client_body_timeout 3m; client_max_body_size 256m; client_header_buffer_size 4k; client_body_buffer_size 256k; large_client_header_buffers 4 32k; send_timeout 3m; keepalive_timeout 60 60; reset_timedout_connection on; server_names_hash_max_size 1024; server_names_hash_bucket_size 1024; ignore_invalid_headers on; connection_pool_size 256; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; server_tokens off; include mime.types; default_type application/octet-stream; # Compression gzip gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_min_length 512; gzip_comp_level 6; gzip_buffers 8 64k; gzip_types text/plain text/xml text/css text/js application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg image/svg+xml application/xml+rss text/javascript application/atom+xml application/javascript application/json application/x-font-ttf font/opentype; # Proxy settings proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_header Set-Cookie; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; proxy_buffers 32 4k; proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; proxy_cache_valid any 1d; open_file_cache_valid 120s; open_file_cache_min_uses 2; open_file_cache_errors off; open_file_cache max=5000 inactive=30s; open_log_file_cache max=1024 inactive=30s min_uses=2; # SSL Settings ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"; # Logs log_format main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; #access_log /var/log/nginx/access.log main; access_log off; # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; ~wordpress_logged_in 1; } # Include additional configuration include /etc/nginx/cloudflare.inc; include /etc/nginx/conf.d/*.conf; } and added those line you recommend and the below line as well: server_tokens off; kindly recommend us more to make is more secure and stable and high perfromance please regards.

HI, I mean on how can hardening the server by nginx.conf more than usual user nobody; worker_processes auto; #worker_rlimit_nofile 65535; error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; multi_accept on; } http { sendfile on; tcp_nopush on; tcp_nodelay on; client_header_timeout 3m; client_body_timeout 3m; client_max_body_size 256m; client_header_buffer_size 4k; client_body_buffer_size 256k; large_client_header_buffers 4 32k; send_timeout 3m; keepalive_timeout 60 60; reset_timedout_connection on; server_names_hash_max_size 1024; server_names_hash_bucket_size 1024; ignore_invalid_headers on; connection_pool_size 256; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; include mime.types; default_type application/octet-stream; # Compression gzip gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_min_length 512; gzip_comp_level 6; gzip_buffers 8 64k; gzip_types text/plain text/xml text/css text/js application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg image/svg+xml application/xml+rss text/javascript application/atom+xml application/javascript application/json application/x-font-ttf font/opentype; # Proxy settings proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_header Set-Cookie; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; proxy_buffers 32 4k; proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; proxy_cache_valid any 1d; open_file_cache_valid 120s; open_file_cache_min_uses 2; open_file_cache_errors off; open_file_cache max=5000 inactive=30s; open_log_file_cache max=1024 inactive=30s min_uses=2; # SSL Settings ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"; # Logs log_format main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; #access_log /var/log/nginx/access.log main; access_log off; # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; ~wordpress_logged_in 1; } # Include additional configuration include /etc/nginx/cloudflare.inc; include /etc/nginx/conf.d/*.conf; } I mean what else we have to add to the above config file to make it more secure and highly performance kindly guide us. thank you

Hi, I hope you are be fine. Kindly guide me on how can make a high secure and top performance config for /etc/nginx/nginx.conf which help the server against attacker and keep server more secure and mitigate attacks. Kindly share the whole ngnix.conf here with full details. thank you very much.

HI, Dear guys please guide me on how to install Snort or alternatively intrusion system in cwp admin for mitigate the attack an sql injection please thank you very much.

HI, as well the cron is not script is not working that you guided below 0 0 * * 0 /usr/bin/sh /root/clearlog.sh I set it from cwp admin, it will work from your point of view?? thanks.

HI, kindly guide me on how can fix this error: truncate: cannot open ‘/var/log/cwpsecure/reject_003.log’ for writing: No such file or directory thank you

HI, when I run the the above command, getting the below error: [root@cloud ~]# systemctl restart logrotate.timer logrotate Failed to restart logrotate.timer: Unit not found. Failed to restart logrotate.service: Unit not found. [root@cloud ~]# systemctl status logrotate.timer logrotate Unit logrotate.timer could not be found. Unit logrotate.service could not be found. please guide me thanks.

HI, thank you very much dear Sandeep for you nice comprehensive answer just I would to ask about this line: /usr/local/cwp/php71/var/log/*.log incase using php 8.1 instead of the php 7.1, it's nee to change: /usr/local/cwp/php81/var/log/*.log or it's not necessary thanks