In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.
With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.
保护 SSL 私钥系列的第二篇介绍了如何设置 HashiCorp Vault 来存储保护 SSL 密钥，以及如何配置 NGINX 来检索密码。我们还讨论了使用硬件安全模块来实现更高的安全性。
这篇文章主要讲了我们为 Kubernetes 打造的 NGINX Ingress Controller 的性能表现，包括三个指标：每秒请求数、每秒 SSL/TLS 事务数和吞吐量。文中包含了我们进行测试时使用的 NGINX 和 Kubernetes 的完整配置。
针对 NGINX 处理 HTTPS 流量的情景，我们介绍了三种保护 SSL 私钥的方式（这三种方式的保护程度逐步提高）：仅允许 root 用户进行读取访问、配置独立存储的密码加密密钥、创建中央密码分发点。
In this installment of our "Ask NGINX" series, we describe how NGINX and NGINX Plus support Nagios, single sign-on, and MQTT; discuss storing cookies in the NGINX Plus key-value store; and explain how to upgrade NGINX Plus licenses from a free trial to a paid subscription.
The NGINX Controller API Management Module secures your APIs at every API touchpoint – authenticating and authorizing third-party client applications and developers, rate limiting API calls to mitigate DDoS attacks, and protecting backend applications that process the API calls.
With NGINX Controller’s API Management Module, you define an API just once and publish it to as many environments as you want. This “create once, publish many” approach eliminates user errors as well as saving time and effort, especially if you have to define a lot of APIs.