NGINX JavaScript Challenge: Stop Bots Without CAPTCHAs
by Danila Vershinin, February 6, 2026
Learn how to protect your NGINX server from bots and DDoS attacks using the JavaScript challenge module. This lightweight proof-of-work solution filters automated traffic without CAPTCHAs, preserving user experience while blocking scripts that cannot execute JavaScript.
Read More...NGINX NAXSI WAF: Complete Setup and Configuration Guide
by Danila Vershinin,
Learn how to set up the NAXSI web application firewall for NGINX on Rocky Linux and RHEL. This guide covers installation, core rules, learning mode, whitelisting, libinjection integration, and production deployment of this lightweight WAF alternative to ModSecurity.
Read More...NGINX FancyIndex: Beautiful Directory Listings
by Danila Vershinin, February 5, 2026
NGINX’s built-in autoindex module generates directory listings that look like they belong in the 1990s. Plain text, no styling, no sorting controls, and no way to customize the appearance. If you serve files for download — software packages, documentation, media archives, or shared project assets — you need NGINX FancyIndex. The NGINX FancyIndex module (ngx_http_fancyindex_module) […]
Read More...NGINX LDAP Authentication: Complete Module Setup Guide
by Danila Vershinin,
Learn how to set up NGINX LDAP authentication using the nginx-auth-ldap dynamic module. This guide covers installation from pre-built packages, Active Directory integration, LDAPS encryption, multi-server failover, authentication caching, and production security hardening.
Read More...NGINX APT Repository: 130+ Modules for Debian/Ubuntu – No More Compiling
by Danila Vershinin, February 4, 2026
If you’ve ever spent an afternoon compiling ngx_brotli on Ubuntu 22.04, only to watch it break after the next apt upgrade, this post is for you. We’re announcing the GetPageSpeed NGINX APT repository — the solution Debian and Ubuntu users have been waiting for. The state of NGINX modules on Debian and Ubuntu has become… […]
Read More...NGINX mod_zip: Dynamic ZIP Archives Guide
by Danila Vershinin,
Learn how to use NGINX mod_zip module to dynamically assemble ZIP archives on-the-fly without loading files into memory. Perfect for download portals, file sharing services, and any application that needs to serve multiple files as a single ZIP archive with minimal server resources.
Read More...NGINX TOTP Authentication: Add 2FA to Your Server
by Danila Vershinin,
Learn how to add time-based one-time password (TOTP) two-factor authentication to NGINX protected locations. This guide covers installation, configuration, and security best practices for the ngx_http_auth_totp module.
Read More...NGINX Upload Module: File Upload Handling Guide
by Danila Vershinin, February 2, 2026
Learn how to configure the NGINX upload module for efficient file upload handling. This comprehensive guide covers installation, configuration directives, resumable uploads, security best practices, and performance optimization for system administrators managing production servers.
Read More...NGINX JWT Authentication Module: Secure Your APIs
by Danila Vershinin,
Learn how to implement native JWT authentication directly in NGINX using the nginx-module-jwt. This lightweight module validates JSON Web Tokens at the edge, reducing backend load and simplifying your API security architecture.
Read More...NGINX Length Hiding Module: Does It Actually Prevent BREACH Attacks?
by Danila Vershinin,
The NGINX length hiding module is often recommended for BREACH attack mitigation, but security research shows it only slows down attacks, not prevents them. Learn what actually protects against BREACH: SameSite cookies, CSRF token rotation, and proper application architecture.
Read More...Recommended Web Hosting
