NGINX.COM

Tag: security

Building a Security Shield for Your Applications with NGINX & Wallarm

This post is adapted from a presentation by Stepan Ilyan of Wallarm at nginx.conf in September 2016. You can view a recording of the presentation on YouTube. Table of Contents 0:00 Introduction   Who Am I?   Some Stats   Agenda 2:11 Why NGINX? 2:41 Attack Blocking with NGINX 3:05 Chapter 1 – Detect and Block 3:14 Tip…

Continue reading ›

Stealth Security’s NGINX Plus Certified Module Protects Your Applications

NGINX Plus Certified Module Extends Stealth Security Protection from Credential Exploits to More Than a Third of the Internet At Stealth Security, it is our mission to enable enterprises to proactively protect their web application interfaces, including their web, mobile, and enterprise APIs, from credential exploits like account takeovers. According to the PYMNTS blog, “Account takeovers…

Continue reading ›

Improve App Security with the Free O’Reilly NGINX Cookbook, Part 2

Over the past year web application attacks increased by 50% and DDoS attacks more than doubled, according to Akamai. The unfortunate truth is that everyone is now a potential target. As businesses become more dependent on applications and the data within them, the consequences of a security breach can be devastating. To help prevent you from…

Continue reading ›

Third-Party Content and Old Software Pose Security Risks

A recent article in CSO magazine states that nearly half of the top million websites "pose security risks". The CSO article is referencing the State of the Web 2016 Report from Menlo Security. To avoid these problems, we recommend three potential solutions: upgrade your NGINX software, use NGINX Amplify for configuration analysis, or move to NGINX…

Continue reading ›

Authenticating Users to Existing Applications with OpenID Connect and NGINX Plus

Using JWT support to provide SSO for existing applications OAuth 2.0 has done much to transform the flexibility and user experience of authenticating to websites and applications. But despite the name, the OAuth 2.0 specification says very little about verifying end‑user identity and nothing about single sign‑on (SSO). That’s where OpenID Connect comes in – it is essentially the…

Continue reading ›

nginx.conf 2016 Preview 2: Customer and Partner Speakers

nginx.conf 2016 is happening September 7–9, less than a month away. Sign up today via this link for a $400 discount plus another 25% off! The first two days – Wednesday, September 7 and Thursday, September 8 – are the regular conference, with sessions and exhibitor booths. We will also have two of the most popular attractions at every NGINX…

Continue reading ›

Updating the GPG Key for NGINX Products

If you use NGINX Plus, NGINX Amplify, or the prebuilt open source NGINX binaries from nginx.org, you might need to update the GPG key for your NGINX software now. The keys for some NGINX software – specifics are explained below – will expire on Wednesday, August 17th, and you won’t be able to verify your software signatures until you’ve updated…

Continue reading ›

Mitigating the HTTPoxy Vulnerability with NGINX

On July 18th, a vulnerability named ‘HTTPoxy’ was announced, affecting some server‑side web applications that run in CGI or CGI‑like environments, such as some FastCGI configurations. Languages known to be affected so far include PHP, Python, and Go. A number of CVEs have been assigned, covering specific languages and CGI implementations: Apache HTTP Server (CVE-2016-5387)…

Continue reading ›

TRY NGINX PLUS!

Download a 30 day free trial and see what you've been missing.

We'll take care of your data.

X

Got a question for the NGINX team?

< back
X

NGINX Controller Free Trial

NGINX Controller is a managed trial for qualified customers.

We'll take care of your data.

X

Tags

No More Tags to display