中文
The NGINX Controller API Management Module secures your APIs at every API touchpoint – authenticating and authorizing third-party client applications and developers, rate limiting API calls to mitigate DDoS attacks, and protecting backend applications that process the API calls.
NGINX Plus 的 PCI DSS 最佳实践
It's easy to implement PCI DSS best practices, such as using new versions of TLS rather than the older SSL, encrypting upstream as well as downstream communications, and adding a WAF, with NGINX Plus. Taking these steps will help you pass PCI DSS audits. Here's how to implement them.
不信任任何人:信任用户输入的风险
A newly discovered security threat exploits a configuration that allows remote users to specify the server for a request in the HTTP Host header, and thus access potentially sensitive information. In this post we explain how to prevent this "cloud metadata" attack.
NGINX 对 Meltdown 和 Spectre 漏洞的响应
The Meltdown and Spectre vulnerabilities stem from commonly found security flaws in microprocessors. They require patches to most OSs.
2017 年 NGINX 博客文章前 5 名 – NGINX Plus R12、微服务等等
Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.
ModSecurity:日志记录和错误调试
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples
借助 NGINX Plus 和 fail2ban 实现动态 IP 拒绝列表
We implement dynamic IP address-based denylisting using the NGINX Plus key-value store and fail2ban, which monitors log files for suspicious activity
隆重推出 NGINX Plus R13
NGINX Plus R13, with more dynamic deployments, enhanced debugging, and improved security, is now available free to NGINX Plus subscribers
为 NGINX 开源版编译和安装 ModSecurity
In this blog we cover how to protect your website by compiling and installing ModSecurity 3.0 for NGINX Open Source. ModSecurity 3.0 is a complete redesign of ModSecurity that works natively with NGINX.
Web 应用安全防护
Tyler Shields of Signal Sciences explains the alphabet soup of security-related terms, starting with WAF, and how they work together.
