Whitelist OpenAI IP Ranges in NGINX and fail2ban
by Danila Vershinin, June 2, 2026
If you want ChatGPT Search, GPTBot, and OpenAI’s on-demand fetcher to actually reach your content, the answer is not just “set Allow: / in robots.txt.” Modern NGINX deployments lean on rate limiting, GeoIP rules, and fail2ban; each of those will silently choke an OpenAI bot if you don’t deliberately whitelist OpenAI IP ranges in every […]
Read More...NGINX JSONP: Safe Cross-Origin APIs with the XSS Module
by Danila Vershinin, April 7, 2026
Serve cross-origin JSONP from NGINX without the callback injection risk. The XSS module validates callback names against a strict JavaScript-identifier grammar, so hostile query parameters cannot be reflected as executable code.
Read More...NGINX WAF Module: Lightweight Web Application Firewall
by Danila Vershinin, April 3, 2026
Install and configure the ngx_waf module to protect NGINX against SQL injection, XSS, malicious bots, and CC attacks. Includes IP blacklists, regex rules, rate limiting, an advanced rule DSL, and an Under Attack challenge mode.
Read More...NGINX Traffic Accounting Module: Real-Time Metrics
by Danila Vershinin, March 28, 2026
Learn how to monitor NGINX traffic metrics in real time with the traffic accounting module. Get per-location request counts, bandwidth usage, latency, and HTTP status breakdowns — all aggregated in memory with minimal CPU and memory overhead, no log parsing required.
Read More...NGINX TeslaGov JWT Module: Claim Forwarding
by Danila Vershinin,
Learn how to authenticate API requests and forward JWT claims to backend services using the NGINX TeslaGov JWT module. Covers installation, HMAC and RSA key configuration, cookie-based auth for SPAs, login redirects, and claim extraction to request, response, and NGINX variables.
Read More...NGINX Stream Monitoring with the Stream STS Module
by Danila Vershinin, March 27, 2026
Learn how to monitor NGINX stream (TCP/UDP) traffic with the Stream Server Traffic Status module. Get real-time connection metrics, upstream health data, and Prometheus-compatible output for your TCP/UDP load balancers and proxies.
Read More...NGINX StatsD Module: Metrics to Graphite and Datadog
by Danila Vershinin, March 25, 2026
Learn how to send real-time NGINX metrics — request counts, response times, and custom counters — directly to StatsD, Graphite, and Datadog using the nginx-module-statsd dynamic module. Includes installation, configuration, and production best practices.
Read More...NGINX Kerberos Authentication: Enterprise SSO with SPNEGO
by Danila Vershinin, March 23, 2026
Learn how to configure NGINX Kerberos authentication with the SPNEGO module for transparent Single Sign-On in Active Directory environments. Complete guide covering installation, keytab setup, principal authorization, credential delegation, and security best practices.
Read More...NGINX Shibboleth Module: SSO Authentication Guide
by Danila Vershinin, March 22, 2026
Learn how to integrate NGINX with Shibboleth SSO using the nginx-http-shibboleth module. This guide covers installation, configuration of the FastCGI authorizer, secure attribute passing to backend applications, and critical anti-spoofing measures for production deployments.
Read More...NGINX Secure Token Module: CDN Token Authentication
by Danila Vershinin, March 21, 2026
Learn how to protect HLS, DASH, and HDS streaming content with the NGINX secure token module. Generate CDN-compatible tokens for Akamai, CloudFront, and other providers directly at the edge, with configuration examples and security best practices.
Read More...Recommended Web Hosting
