在这篇文章中，我们以 WAF 为例，为您提供了“在 Kubernetes 环境中可以在哪些地方部署应用服务”的相关指导。您可以根据自己的需求，以基于每个 Service 或基于每个 POD 的方式，将 WAF 部署在 Kubernetes 环境的“前门” 或 Ingress Controller上。
Owen is a senior member of the NGINX Product Management team, covering open source and commercial NGINX products. He holds a particular responsibility for microservices and Kubernetes‑centric solutions. He’s constantly amazed by the ingenuity of NGINX users and still learns of new ways to use NGINX with every discussion.
On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
这篇文章解释了为什么因分治而重复使用的应用服务反而可以提高整体效率：因为 NetOps 和 DevOps 团队有不同的要求，所以他们会选择最适合他们特定需求的工具。
We compare AWS Application Load Balancer (ALB) with NGINX Open Source and NGINX Plus as a Layer 7 reverse proxy and load balancer. ALB has more features than at its debut in 2016, but we conclude that NGINX and NGINX Plus still provide more functionality and much more predictable pricing.
Release 1.6.0 of the NGINX Ingress Controller for Kubernetes includes improvements to NGINX Ingress Resources, support for OpenTracing, and much more.
We provide guidance on using NGINX to mitigate the recently discovered vulnerability in PHP-FPM (CVE-2019-11043). The vulnerability is triggered when the PATH_INFO variable passed to PHP-FPM with an invalid value, which can happen in a common NGINX configuration.
The NGINX agent for NS1 provides rich load and availability data to the NS1 global server load balancing service, for more agile and sophisticated DNS-based load balancing for sites and apps proxied by NGINX Plus at multiple locations. Our deployment guide provides complete instructions.
Release 1.5.0 of the NGINX Ingress Controller for Kubernetes introduces a new configuration schema, extended Prometheus-based metrics, simplifications to TLS configuration, support for load balancing traffic to ExternalName services, and a new repository for Helm charts.
With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.
保护 SSL 私钥系列的第二篇介绍了如何设置 HashiCorp Vault 来存储保护 SSL 密钥，以及如何配置 NGINX 来检索密码。我们还讨论了使用硬件安全模块来实现更高的安全性。