NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. We look forward to working with the CRS team and helping ensure the CRS project’s long-term success.
Tag: ModSecurity web application firewall (WAF)
Tag: ModSecurity web application firewall (WAF)
Addressing a DoS Vulnerability (CVE-2020-15598) in ModSecurity
On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
Ask NGINX | April 2019
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.
Securing Applications in Microsoft Azure App Service with NGINX Plus
With NGINX Plus in front of your web apps, API, and mobile backends hosted in Microsoft Azure App Service, you can load balance and secure applications at a global scale with a high level of protection against exploits and attacks from the web.
The NGINX ModSecurity WAF Joins the Google Cloud Security Partner Ecosystem
The NGINX Web Application Firewall (WAF) is now certified in the Google Cloud Security Partner Ecosystem, protecting applications hosted on the Google Cloud Platform from Layer 7 attacks like SQLi and RCE.
Using ModSecurity to Virtually Patch Apache Struts CVE-2017-5638
When a CVE appears, updating affected libraries and re-testing can be too slow. See how to quickly apply a "virtual patch" with ModSecurity.
Top 5 NGINX Blog Posts for 2017 – NGINX Plus R12, Microservices, & More
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.
ModSecurity: Logging and Debugging
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
How to Use Project Honeypot with NGINX and ModSecurity 3.0
Learn how to configure ModSecurity 3.0, for both NGINX and NGINX Plus, to integrate with Project Honeypot and block malicious IP addresses.
Compiling and Installing ModSecurity for NGINX Open Source
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.