Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
About ModSecurity 3.0's native integration with NGINX and NGINX Plus
How to install and configure ModSecurity 3.0 with NGINX and NGINX Plus
About enabling the OWASP Core Rule Set (CRS) and the TrustWave SpiderLabs Commercial Rule Set
How to tune ModSecurity to minimize false positives and maximize performance
ModSecurity is the world’s most widely deployed web application firewall (WAF), used by more than a million websites. With the long‑awaited release of the completely rewritten ModSecurity 3.0, you can now use ModSecurity natively as a dynamic module loaded into NGINX Open Source and NGINX Plus.
This new guide covers the basics of using ModSecurity 3.0 with NGINX Open Source and NGINX Plus. It gets you started with detailed installation and configuration instructions for protecting a sample application. Advanced topics such as integration with Project Honeypot and logging are covered as well. By the end of the book you’ll have a good understanding of how to effectively use ModSecurity 3.0 together with NGINX Open Source and NGINX Plus.
Owen is a senior member of the NGINX Product Management team, covering open source and commercial NGINX products. He holds a particular responsibility for microservices and Kubernetes‑centric solutions. He’s constantly amazed by the ingenuity of NGINX users and still learns of new ways to use NGINX with every discussion.
