NGINX Rate Limiting: The Complete Guide
by Danila Vershinin, January 22, 2026
Learn how to configure NGINX rate limiting using the leaky bucket algorithm. This comprehensive guide covers limit_req_zone, burst, nodelay, delay parameters, whitelisting IPs, and production-ready configurations to protect your server from DDoS attacks, API abuse, and brute force attempts.
Read More...NGINX TLS 1.3 Hardening: A+ SSL Configuration Guide
by Danila Vershinin, January 21, 2026
Learn how to configure NGINX for maximum TLS security with TLS 1.3, achieve an A+ SSL Labs rating, and use tools like Gixy for automated security validation. Complete guide with tested configurations for RHEL 9, Rocky Linux, and AlmaLinux.
Read More...Using the OWASP Core Rule Set with the NGINX Security Module
by Danila Vershinin, January 18, 2026
Learn how to install and configure the OWASP Core Rule Set (CRS) with NGINX ModSecurity on Rocky Linux, AlmaLinux, and RHEL 9. Protect your web applications from SQL injection, XSS, remote code execution, and other OWASP Top 10 attacks with this comprehensive WAF configuration guide.
Read More...NGINX Honeypot 2.0: Zero-Latency Bot Blocking Without External Scripts
by Danila Vershinin, December 6, 2025
The enterprise approach to IP blacklisting that eliminates shell scripts, sudo, and fcgiwrap. IPSet access module for NGINX is our exclusive closed-source premium package in NGINX Extras modules collection.
Read More...How to install the ModSecurity NGINX module in Rocky Linux/AlmaLinux/RHEL 9
by Danila Vershinin, January 25, 2025
Here’s how to easily install ModSecurity for NGINX in Rocky Linux/AlmaLinux/RHEL 9
Read More...Protecting from the Host header vulnerability injection in NGINX
by Danila Vershinin, April 6, 2024
Discover 2 essential strategies for protecting your NGINX web applications from the Host header vulnerability injections. Learn how to secure your infrastructure against cache poisoning and other attacks related to the Host header injection.
Read More...
Free SSL for NGINX with Let’s Encrypt: Complete Guide
by Emily Serverwise, January 19, 2023
Learn how to configure free SSL for NGINX with Let’s Encrypt using DNS validation. This complete guide covers Cloudflare integration, automatic renewal, and production-ready TLS configuration.
Read More...Performance-friendly way of blocking Referrer spam
by Danila Vershinin, August 27, 2022
Protecting your NGINX website from Referrer spam SPAM using efficient performance-friendly maps
Read More...Monitoring PHP-FPM in Bitnami stacks using NGINX Amplify
by Danila Vershinin, April 29, 2022
Update (2026): F5 Networks discontinued NGINX Amplify on January 31, 2026. The instructions below reference the deprecated nginx-amplify-agent and the F5 cloud endpoint. For a drop-in replacement that keeps your existing agent working with a single config-line change, see GetPageSpeed Amplify: the drop-in NGINX Amplify replacement. If you are a user of Bitnami stack for […]
Read More...How to install NGINX WAF module in Fedora Linux
by Danila Vershinin, February 19, 2022
How to easily set up WAF module protecting your NGINX powered websites in Fedora Linux. Install prebuilt NGINX WAF module.
Read More...Recommended Web Hosting
