Improve security for your website and web apps with the NGINX Cookbook, Part 2, from O'Reilly Media. Topics include JWTs, the ModSecurity WAF, and more.
![](https://www.nginx-cn.net/wp-content/uploads/2024/05/nginx-cn.net_弹窗图_-_560x666-1.png)
Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
Improve security for your website and web apps with the NGINX Cookbook, Part 2, from O'Reilly Media. Topics include JWTs, the ModSecurity WAF, and more.
Ways to sharply reduce security risks include: keeping your software up to date, using NGINX Amplify, and switching to NGINX Plus.
NGINX Plus R10 adds support for the JSON Web Token (JWT) standard. Learn how to use JWTs and OpenID Connect to control access to your applications.
Take advantage of the early bird discount for nginx.conf 2016 now! Read about customer and partner speakers in this blog post.
The current GPG key for NGINX, Inc. products expires on August 17, 2016. Learn how to update the key so you can continue to verify software signatures.
Learn how to secure resources with NGINX and NGINX Plus, by requiring clients to include a hashed value in request URLs, optionally with an expiration date
Use NGINX/NGINX Plus to prevent the HTTPoxy vulnerability, which attacks CGI and FastCGI-like application interfaces, from being exploited on your servers.
What are HTTPS and SSL/TLS? Learn about protocol versions, cipher suites, and how to configure NGINX for HTTPS and SSL/TLS.
The OpenSSL project announced fixes to 7 security vulnerabilities on 5 June 2014. An update to OpenSSL is generally sufficient to address this.