[ngx_snippet name='table-style-blog'] The rise of cloud computing – and Platform as a Service (PaaS) and Container as a Service (CaaS) offerings in particular – is changing the way companies deploy and operate their business applications. One of the most important challenges when designing cloud applications is choosing fully managed cloud services that reduce costs and time‑consuming operational…
Continue reading ›The NGINX WAF Joins the Google Cloud Security Partner Ecosystem
We are pleased to announce that the NGINX Web Application Firewall (WAF) is now part of the Google Cloud Security Partner Ecosystem. The NGINX WAF has been validated by both NGINX, Inc. and Google as a solution for protecting Google Cloud Platform (GCP) applications from Layer 7 attacks, such as SQL injection (SQLi) and remote code execution (RCE).…
Continue reading ›Using ModSecurity to Virtually Patch Apache Struts CVE-2017-5638
Many security vulnerabilities are found in libraries used by application code. When it's impractical to quickly deploy a fix to code in a library, you may be able to use ModSecurity to intercept an exploit, “virtually patching" the affected code until you can upgrade the affected libraries. The Apache Struts application library vulnerability (CVE-2017-5638), which…
Continue reading ›Top 5 NGINX Blog Posts for 2017 – R12, Microservices, & More
neophile (n): an enthusiast for what is new or novel What was most popular in the NGINX blog this year? Looking at our top blog posts, we see that new NGINX Plus releases, microservices, security, and load balancing are all big hits, along with the NGINX Application Platform. 1. NGINX Plus R12 The NGINX Plus R12 release was…
Continue reading ›ModSecurity: Logging and Debugging
[ngx_snippet name='table-style-blog'] "ModSecurity will help you sleep better at night because, above all, it solves the visibility problem: it lets you see your web traffic." — Ivan Ristić, creator of ModSecurity When something is not working as you expect it to, logs are always the first place to look. Good logs can provide valuable insights to…
Continue reading ›How to Use Project Honeypot with NGINX and ModSecurity 3.0
[blockquote author="Warren Buffett"]It takes 20 years to build a reputation and 5 minutes to ruin it. If you think about that, you’ll do things differently. To help fight crime, the FBI maintains a public Ten Most Wanted list of the most dangerous criminals out there. Anyone who sees someone on the list will know to call the police,…
Continue reading ›Compiling and Installing ModSecurity for NGINX Open Source
[blockquote author="Ivan Ristić, creator of ModSecurity"]Web applications – yours, mine, everyone’s – are terribly insecure on average. We struggle to keep up with the security issues and need any help we can get to secure them. We all want to create secure applications that will never be breached. But the almost weekly news of a high‑profile…
Continue reading ›Announcing General Availability of the NGINX Plus with ModSecurity WAF
[blockquote author="Ivan Ristić, creator of ModSecurity"]...even when you understand web security, it is difficult to produce secure code, especially when working under the pressure so common in today's software development projects. More than ever before, organizations need all the help they can get with web application security. According to the Q4 2016 State of the…
Continue reading ›Building a Security Shield for Your Applications with NGINX & Wallarm
This post is adapted from a presentation by Stepan Ilyan of Wallarm at nginx.conf in September 2016. You can view a recording of the presentation on YouTube. Table of Contents 0:00 Who Am I? Some Stats Agenda 2:11 Why NGINX? 2:41 Attack Blocking with NGINX 3:05 Chapter 1 – Detect and Block 3:14 Tip #1 – Use…
Continue reading ›Improve App Security with the Free O’Reilly NGINX Cookbook, Part 2
Over the past year web application attacks increased by 50% and DDoS attacks more than doubled, according to Akamai. The unfortunate truth is that everyone is now a potential target. As businesses become more dependent on applications and the data within them, the consequences of a security breach can be devastating. To help prevent you from…
Continue reading ›