I have installed nginx on an Arch Linux VPS with Vultr. I intend to use it to serve files to myself and two colleagues. I have setup three accounts for us all with login names and passwords via the .htaccess and .htpasswd files. I will also be adding a certificate with let’s encrypt before the server will be used.
The data we will be sharing is commercially sensitive. Is there anything else I need to worry about? Is there anything else I can do to harden the server?
nginx doesnt know .htaccess files. You need to configure this in the nginx config. You can use a .htpasswd with some basic auth to get the job done. But I would use something like nextcloud for your usecase. If you need help with nginx config, just ask 😉