了解如何借助 F5 NGINX App Protect WAF 保护 GraphQL 和 gRPC 双向流式 API,以及保护 API 免遭常见漏洞和攻击的最佳方法。
![](https://www.nginx-cn.net/wp-content/uploads/2024/05/nginx-cn.net_弹窗图_-_560x666-1.png)
Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
了解如何借助 F5 NGINX App Protect WAF 保护 GraphQL 和 gRPC 双向流式 API,以及保护 API 免遭常见漏洞和攻击的最佳方法。
NGINX App Protect 通过检测消息请求头和有效载荷(包括所有嵌套和复杂数据结构)中的恶意数据来保护 gRPC API。您可以在 gRPC IDL 文件中定义安全策略,NGINX App Protect 会立即应用它们,而无需更改其配置。
此文为《将 NGINX 部署为 API 网关》系列博文的第三部分,主要关注于如何将 NGINX Plus 部署为 gRPC 服务的 API 网关,并介绍了其他相关的丰富功能。gRPC 是 REST API 的替代方案,尤其适用于建构以服务网格的形式实现的分布式应用。
NGINX Plus R23 introduces new features including health checks for backend gRPC servers, unprivileged installation, support for the OpenID Connect PKCE extension, finer-grained control over TLS connections, a new method of setting cookie flags, and NGINX JavaScript enhancements.
NGINX Plus R21 is more reliable and secure than ever, importing numerous bug fixes from NGINX Open Source. New variable support in gRPC proxying extends dynamic, API‑driven routing policies to gRPC workloads, and the NGINX JavaScript module has been enhanced, particularly with respect to subrequests.
We look back over the most influential blog posts of 2018 on nginx.com, to remind you of what we’ve worked hard on improving to make your experience of NGINX even better. The year witnessed announcements and updates for many products in the NGINX Application Platform.
NGINX Plus R15 introduces native gRPC proxying (used by Istio and other service mesh architectures), HTTP/2 server push, state sharing in a cluster, API gateway enhancements, OpenID Connect integration, NGINX JavaScript (njs) module enhancements, a new ALPN variable, dynamic module updates, and more.
NGINX now proxies gRPC traffic, so you can terminate, inspect, and route gRPC method calls. Manage encryption and load balance gRPC traffic.