Due to changes in third-party support for ModSecurity, F5 NGINX ModSecurity WAF will reach end-of-life in March 2024. Learn about the benefits of our replacement WAF, NGINX App Protect.
NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. We look forward to working with the CRS team and helping ensure the CRS project’s long-term success.
On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add NGINX ModSecurity WAF to an NGINX Plus subscription.
With NGINX Plus in front of your web apps, API, and mobile backends hosted in Microsoft Azure App Service, you can load balance and secure applications at a global scale with a high level of protection against exploits and attacks from the web.
The NGINX Web Application Firewall (WAF) is now certified in the Google Cloud Security Partner Ecosystem, protecting applications hosted on the Google Cloud Platform from Layer 7 attacks like SQLi and RCE.
When a CVE appears, updating affected libraries and re-testing can be too slow. See how to quickly apply a "virtual patch" with ModSecurity.
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.