Mission 252

Hardening header review

Inspect web security header config and static API blocking.

Security administration
8 minutes Advanced Lesson 252 of 360
grepnginx
Lesson 252 of 360 0/360 lessons 0/17 missions Security administration · 8 minutes
0%
Continue View profile
Ops lab terminal Training lab
New learnerrank 0XP 0%complete
learner@clairos:/home/learner $ Unix ops lab: type a command, press Enter
Instructions 8 minutes

Click any instruction for the command details, the why, and the common mistake to avoid.

Find CSP

Run grep Content-Security-Policy /etc/nginx/sites-available/learn.conf.

grep Content-Security-Policy /etc/nginx/sites-available/learn.conf
Find API rules

Run grep /api/ /etc/nginx/sites-available/learn.conf.

grep /api/ /etc/nginx/sites-available/learn.conf
Validate config

Run nginx -t.

nginx -t
Lesson support

What to notice while you play.

Objective

Inspect web security header config and static API blocking.

Hint

Run the commands in order and compare the outputs.

Why it matters

Junior operators build confidence by gathering evidence before changing systems.

Common mistakes
  • Skipping the inspection step.
  • Assuming one command tells the whole story.
Reference

Commands in this lesson.

grep [-i] <text> <file>

Find literal text inside a file.

nginx -t

Validate training nginx configuration.