较之单体架构的应用，微服务之间的东西向通信需要在网络上传输更多的数据。使用双向 TLS (mTLS) 加密并验证这些通信内容十分重要。这篇文章中，我们深入阐述了 NGINX Service Mesh 是如何实施 mTLS 的。
In this blog we compare the performance of the NGINX Controller API Management Module and Kong. The API Management Module outperforms Kong on every metric: added latency, API calls per second (with and without JWT authentication), and CPU usage.
In this blog, we compare three simple, unambiguous performance metrics: HTTP requests per second (RPS), SSL/TLS transactions per second (TPS), and HTTP throughput (Gbps). The bottom line: the NGINX Plus price-performance advantage continues, with cost savings for NGINX over F5 ranging from 78% to 87%.
The $ssl_preread_protocol variable introduced in NGINX 1.15.2 allows you to distinguish between SSL/TLS and other protocols when forwarding traffic using a TCP proxy. This is useful if you want to avoid firewall restrictions by running (for example) SSL/TLS and SSH services on the same port.
The NGINX Web Application Firewall (WAF) is now certified in the Google Cloud Security Partner Ecosystem, protecting applications hosted on the Google Cloud Platform from Layer 7 attacks like SQLi and RCE.
When a CVE appears, updating affected libraries and re-testing can be too slow. See how to quickly apply a "virtual patch" with ModSecurity.
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
Learn how to configure ModSecurity 3.0, for both NGINX and NGINX Plus, to integrate with Project Honeypot and block malicious IP addresses.
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.