Reifen.com Drives Performance and Compliance with NGINX App Protect

Modern WAF Earns the Highest Rating from Industry Certification Body

Headquarters: Hannover, Germany
Founded: 1989

Overview

reifen.com is one of Germany's best‑known tire stores, with dozens of branches across the country and thousands of assembly partners, as well as its e‑commerce site.

Challenge

reifen.com was looking to improve its online performance and meet internal and external security and compliance standards.

Results

Improved Visibility

Faster Identification of Problems

Greater Responsiveness to Market Changes

Overview

A leading multi‑channel provider of tires, wheels and tire‑fitting services, reifen.com was looking to improve its online performance and meet internal security and compliance standards. To meet those security and compliance requirements and to optimize a complex e‑commerce operation that stretches across six countries, reifen.com turned to NGINX Plus.

Challenge

The nature of its industry presents multiple challenges for reifen.com as it seeks to deliver a seamless, multi‑channel customer experience – from its online stores to the services delivered by its thousands of tire fitting partners.

The requests its servers must handle are complex, requiring numerous calculations to ensure the right size and model of tires, wheels, and rims are chosen for the vehicle in question. “This business sounds simple, but it’s very complicated in the back end,” said Sascha Petranka, e‑commerce consultant to reifen.com. “A huge amount of calculation has to happen with each request.”

The tire industry is also somewhat seasonal, with customer orders for snow tires causing traffic spikes during the winter months. Although the pattern has become less pronounced in recent years, in the past reifen.com sometimes had to turn off its servers to avoid being overwhelmed. In this context, load balancing and traffic management have been key to ensuring that the company did not have to invest in additional hardware that would be obsolete for much of the year.

In 2020, reifen.com also faced one very specific challenge: the new requirement from certification body TÜV to install a web application firewall (WAF) to attain the highest compliance rating as a trustworthy and secure online retailer. Because TÜV certifications are important to consumers, a WAF had become an essential priority.

Solution

When reifen.com began investigating WAF solutions in summer 2020, it had already been using NGINX web servers for a number of years for high‑performance content delivery. Initially it considered NGINX Plus with NGINX ModSecurity WAF, which meets the TÜV compliance requirements.

However, after discussions with the F5 and NGINX teams, reifen.com opted instead for NGINX App Protect. The decision was influenced by App Protect’s superior performance and its ability to future‑proof against attack vectors that are likely to become more prevalent, such as attacks on the company’s APIs. “We decided to go with App Protect because it gave us the best performance, the best long‑term solution, and the combined expertise of NGINX and F5 together,” Petranka said. “Even though the cost was a little higher than ModSecurity, it was an obvious recommendation to make.”

Implementation was a staged process, with NGINX Plus installed first on some of reifen.com’s lower‑traffic regional sites, before being scaled across the entire global operation over the course of a month. This gradual approach allowed the team to adjust settings iteratively to improve performance, deal with issues that arose, and ensure that the solution was optimized by the time it was ready for full implementation. “When we switched the main website over, it was clear that it worked with the full load on the system,” Petranka recalled.

Results

As well as ensuring reifen.com met the new compliance requirements for TÜV certification, NGINX Plus with App Protect has helped the business gain visibility into its performance, identify problems more quickly, and respond to competitors with greater agility.

Improved Visibility

The business had previously been using a Level 2 load balancer with a terminal which required technical knowledge to use. “I couldn’t give it to project managers to see for themselves how something was performing,” Petranka said. “Now with the NGINX Plus dashboard, we have a nice overview of the load balancer and it’s easy for non‑technical people to understand what’s going on.” NGINX Plus provides reifen.com with improved visibility into the real‑time performance of its e‑commerce operation, equipping its whole team with business‑critical insight.

Faster Identification of Problems

The improved visibility and functionality are also enabling the business to identify and resolve issues more quickly. “An advantage of the dashboard is that we can now see the response times of all the upstream servers, and it’s obvious if something is not right,” Petranka commented. “I can see immediately what’s going on and show the team where there may be problems to inspect. It gives us a much better view and control over the entire infrastructure.” He also highlighted that integration of Elasticsearch into NGINX Plus has made it easier to look for problems and identify issues at an early stage – including one that arose in the interface with reifen.com’s third‑party payment providers as a result of malformed XML requests.

Greater Responsiveness to Market Changes

In the dynamic e‑commerce environment, where competitors constantly adjust prices and promotions, seeking to imitate or outdo each other, NGINX Plus has helped reifen.com improve its agility and speed of response. “We can see where traffic is coming from and decide whether to react to it or not, whether by blocking traffic we don’t want or adjusting our prices.” This ability to respond, Petranka said, is further enhanced by the centralized functionality of NGINX Plus. “You can easily configure everything on the gateway, and centrally manage the paths and flows of traffic.”