On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
Tag: ModSecurity web application firewall (WAF)
Tag: ModSecurity web application firewall (WAF)
Ask NGINX | April 2019
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.
Securing Applications in Microsoft Azure App Service with NGINX Plus
With NGINX Plus in front of your web apps, API, and mobile backends hosted in Microsoft Azure App Service, you can load balance and secure applications at a global scale with a high level of protection against exploits and attacks from the web.
The NGINX ModSecurity WAF Joins the Google Cloud Security Partner Ecosystem
The NGINX Web Application Firewall (WAF) is now certified in the Google Cloud Security Partner Ecosystem, protecting applications hosted on the Google Cloud Platform from Layer 7 attacks like SQLi and RCE.
Using ModSecurity to Virtually Patch Apache Struts CVE-2017-5638
When a CVE appears, updating affected libraries and re-testing can be too slow. See how to quickly apply a "virtual patch" with ModSecurity.
Top 5 NGINX Blog Posts for 2017 – NGINX Plus R12, Microservices, & More
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.
ModSecurity: Logging and Debugging
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
How to Use Project Honeypot with NGINX and ModSecurity 3.0
Learn how to configure ModSecurity 3.0, for both NGINX and NGINX Plus, to integrate with Project Honeypot and block malicious IP addresses.
Compiling and Installing ModSecurity for NGINX Open Source
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.
Announcing General Availability of the NGINX ModSecurity WAF for NGINX Plus
The NGINX Plus with ModSecurity web application firewall (WAF) protects you from a broad range of security threats, including DDoS attacks, SQLi, and XSS.