保护 SSL 私钥系列的第二篇介绍了如何设置 HashiCorp Vault 来存储保护 SSL 密钥,以及如何配置 NGINX 来检索密码。我们还讨论了使用硬件安全模块来实现更高的安全性。
Securing Your API Ecosystem with the NGINX Controller API Management Module
The NGINX Controller API Management Module secures your APIs at every API touchpoint – authenticating and authorizing third-party client applications and developers, rate limiting API calls to mitigate DDoS attacks, and protecting backend applications that process the API calls.
PCI DSS Best Practices with NGINX Plus
It's easy to implement PCI DSS best practices, such as using new versions of TLS rather than the older SSL, encrypting upstream as well as downstream communications, and adding a WAF, with NGINX Plus. Taking these steps will help you pass PCI DSS audits. Here's how to implement them.
Trust No One: The Perils of Trusting User Input
A newly discovered security threat exploits a configuration that allows remote users to specify the server for a request in the HTTP Host header, and thus access potentially sensitive information. In this post we explain how to prevent this "cloud metadata" attack.
NGINX Response to the Meltdown and Spectre Vulnerabilities
The Meltdown and Spectre vulnerabilities stem from commonly found security flaws in microprocessors. They require patches to most OSs.
Top 5 NGINX Blog Posts for 2017 – NGINX Plus R12, Microservices, & More
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.
ModSecurity: Logging and Debugging
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
Dynamic IP Denylisting with NGINX Plus and fail2ban
We implement dynamic IP address-based denylisting using the NGINX Plus key-value store and fail2ban, which monitors log files for suspicious activity
Announcing NGINX Plus R13
NGINX Plus R13, with more dynamic deployments, enhanced debugging, and improved security, is now available free to NGINX Plus subscribers
Compiling and Installing ModSecurity for NGINX Open Source
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.