NGINX Execute Module: Run Shell Commands via HTTP
by Danila Vershinin, March 5, 2026
Learn how to safely install and configure the NGINX execute module for running shell commands via HTTP requests. This guide covers security hardening with IP restrictions, practical use cases for system monitoring, and critical warnings about exposing command execution on production servers.
Read More...NGINX Encrypted Session Module: AES-256 Variable Encryption
by Danila Vershinin,
Learn how to encrypt and decrypt NGINX variable values using the encrypted session module. This guide covers AES-256-CBC encryption for secure cookies, time-limited tokens, and session management directly in NGINX configuration.
Read More...NGINX Dynamic Limit Req Module: Redis-Backed Rate Limiting
by Danila Vershinin, March 4, 2026
Learn how to protect your NGINX server from DDoS attacks and brute force abuse using the dynamic limit req module. This Redis-backed rate limiter dynamically blocks offending IPs with configurable lockout periods, whitelisting, and multi-zone policies.
Read More...NGINX Delay Module: Slow Down Attackers Easily
by Danila Vershinin,
The NGINX delay module adds artificial request delays to slow down brute force attacks, scanner bots, and other malicious traffic — without blocking worker processes. Learn how to install and configure it for security hardening on RHEL, CentOS, AlmaLinux, Rocky Linux, Debian, and Ubuntu.
Read More...NGINX Captcha Module: Server-Side CAPTCHA Guide
by Danila Vershinin, February 28, 2026
Learn how to generate and validate CAPTCHA images directly in NGINX without relying on external services like reCAPTCHA. The NGINX captcha module creates server-side CAPTCHA challenges using the GD graphics library, keeping your authentication flows fast, private, and dependency-free.
Read More...NGINX AWS S3 Proxy: Secure Module Guide
by Danila Vershinin, February 26, 2026
Learn how to use the NGINX AWS auth module to securely proxy requests to Amazon S3 without exposing IAM secret keys on your server. This guide covers installation, configuration, signing key rotation, and security best practices for the ngx_aws_auth module.
Read More...NGINX Auth Hash Module: Secure URL Authentication
by Danila Vershinin,
Learn how to protect files and content with the NGINX auth hash module. This module brings SHA-256, SHA-512, BLAKE2, and other modern hash algorithms to NGINX secure URL authentication, replacing the MD5-only limitation of the built-in secure_link module.
Read More...NGINX Access Control Module: Variable-Based Rules
by Danila Vershinin, February 25, 2026
The NGINX access control module extends native allow/deny directives beyond IP addresses to any NGINX variable. Build flexible access policies using headers, query parameters, geo data, and custom maps — all evaluated at the access phase without resorting to if-statements.
Read More...NGINX Headers-More Module: Complete Guide
by Danila Vershinin, February 23, 2026
Master HTTP header manipulation in NGINX with the headers-more module. Learn how to set, clear, and replace any header including protected ones like Server. Complete guide with security hardening examples, proxy configuration, and performance tips.
Read More...NGINX Security Headers Module: Complete Configuration Guide
by Danila Vershinin, February 21, 2026
Configure NGINX security headers the right way with the ngx_security_headers module. This comprehensive guide covers all directives including X-Frame-Options, Referrer-Policy, HSTS, Cross-Origin policies, and automatic header hiding. Includes installation, configuration examples, and security best practices.
Read More...Recommended Web Hosting
