The NGINX web application firewall (WAF) protects against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, RFI, and more. The NGINX WAF is based on ModSecurity.
Support details: Supported by NGINX, Inc. for active NGINX Plus subscribers
Supported OS versions: NGINX Plus Technical Specifications
Installation instructions: NGINX WAF Module Admin Guide
Configuration and additional info: Module Documentation