When Security-Enhanced Linux (SELinux) is enabled for Red Hat Enterprise Linux (RHEL) and related distros, its default settings prevent NGINX and NGINX Plus from performing some operations. This article explains how to modify SELinux settings to permit full functionality.
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.
It's easy to implement PCI DSS best practices, such as using new versions of TLS rather than the older SSL, encrypting upstream as well as downstream communications, and adding a WAF, with NGINX Plus. Taking these steps will help you pass PCI DSS audits. Here's how to implement them.
A newly discovered security threat exploits a configuration that allows remote users to specify the server for a request in the HTTP Host header, and thus access potentially sensitive information. In this post we explain how to prevent this "cloud metadata" attack.
The Meltdown and Spectre vulnerabilities stem from commonly found security flaws in microprocessors. They require patches to most OSs.
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
NGINX Plus R13, with more dynamic deployments, enhanced debugging, and improved security, is now available free to NGINX Plus subscribers
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.
Tyler Shields of Signal Sciences explains the alphabet soup of security-related terms, starting with WAF, and how they work together.