NGINX Bot Protection Without CAPTCHA: Testcookie Guide
by Danila Vershinin, January 30, 2026
Learn how to implement NGINX bot protection using the testcookie module. This JavaScript-based challenge blocks automated traffic without frustrating legitimate users with CAPTCHAs.
Read More...NGINX Secure Link: Signed URLs and Hotlink Protection
by Danila Vershinin, January 29, 2026
Learn how to implement NGINX secure link functionality for signed URLs and hotlink protection. This comprehensive guide covers the HMAC Secure Link module installation, configuration, and client-side token generation in PHP, Python, and Bash.
Read More...NGINX Allow Deny: Complete IP Whitelist & Blacklist Guide
by Danila Vershinin, January 27, 2026
Master NGINX allow and deny directives to control access by IP address. This complete guide covers IP whitelisting, blacklisting, CIDR notation, the geo module for large IP lists, and common pitfalls with tested configurations.
Read More...NGINX Basic Auth with htpasswd: Complete Configuration Guide
by Danila Vershinin, January 26, 2026
Learn how to configure NGINX basic authentication using htpasswd. This complete guide covers password file creation, hash algorithms, WordPress protection, staging site security, SSL integration, and troubleshooting.
Read More...NGINX Rate Limiting: The Complete Guide
by Danila Vershinin, January 22, 2026
Learn how to configure NGINX rate limiting using the leaky bucket algorithm. This comprehensive guide covers limit_req_zone, burst, nodelay, delay parameters, whitelisting IPs, and production-ready configurations to protect your server from DDoS attacks, API abuse, and brute force attempts.
Read More...NGINX TLS 1.3 Hardening: A+ SSL Configuration Guide
by Danila Vershinin, January 21, 2026
Learn how to configure NGINX for maximum TLS security with TLS 1.3, achieve an A+ SSL Labs rating, and use tools like Gixy for automated security validation. Complete guide with tested configurations for RHEL 9, Rocky Linux, and AlmaLinux.
Read More...Using the OWASP Core Rule Set with the NGINX Security Module
by Danila Vershinin, January 18, 2026
Learn how to install and configure the OWASP Core Rule Set (CRS) with NGINX ModSecurity on Rocky Linux, AlmaLinux, and RHEL 9. Protect your web applications from SQL injection, XSS, remote code execution, and other OWASP Top 10 attacks with this comprehensive WAF configuration guide.
Read More...How to install the ModSecurity NGINX module in Rocky Linux/AlmaLinux/RHEL 9
by Danila Vershinin, January 25, 2025
Here’s how to easily install ModSecurity for NGINX in Rocky Linux/AlmaLinux/RHEL 9
Read More...Secure WordPress chmod: A Guide to correct file permissions
by Danila Vershinin, February 8, 2024
Secure your WordPress installation by setting up the correct permissions, using find and chmod commands
Read More...Recommended Web Hosting
