Hi, I'm a pretty noob server guy (actually a front end web dev) and i've just setup nginx on ubuntu so I can run a django project. I followed [a tutorial](http://blog.richard.do/index.php/2013/04/setting-up-nginx-django-uwsgi-a-tutorial-that-actually-works/) and it's all working which is great. Problem is I did it all as the root user with sudo. Big oops. I've since changed the permissions of my /var/www/mysite.com/ permissions to my new su (nginxuser) using chown nginxuser:www-data /var/www/mysite.com/
This might be enough, but I doubt it. What steps can I take next or should I nuke from orbit and start from scratch? Any tips and info would be most appreciated as I'd like to learn and improve as well as protect my project.
Are there ways to test for vulnerabilities online also?
Thanks 🙂
Try out https://www.qualys.com/forms/freescan/ . There are tools you can use, such as [OpenVAS](http://www.openvas.org/) or [NEXPOSE](http://www.rapid7.com/products/nexpose/).
This might be helpful:
https://www.reddit.com/r/sysadmin/comments/3drad0/nginx_a_guide_to_high_performance_free_ebook_from/