NGINX Dynamic Limit Req Module: Redis-Backed Rate Limiting
by Danila Vershinin, March 4, 2026
Learn how to protect your NGINX server from DDoS attacks and brute force abuse using the dynamic limit req module. This Redis-backed rate limiter dynamically blocks offending IPs with configurable lockout periods, whitelisting, and multi-zone policies.
Read More...NGINX Delay Module: Slow Down Attackers Easily
by Danila Vershinin,
The NGINX delay module adds artificial request delays to slow down brute force attacks, scanner bots, and other malicious traffic — without blocking worker processes. Learn how to install and configure it for security hardening on RHEL, CentOS, AlmaLinux, Rocky Linux, Debian, and Ubuntu.
Read More...NGINX Cookie Limit Module: Rate Limiting Guide
by Danila Vershinin, March 3, 2026
Learn how to protect your NGINX server from cookie-based attacks using the ngx_cookie_limit_req_module. This Redis-backed module combines cookie rate limiting with forged cookie detection to block malicious IPs that generate excessive unique cookies.
Read More...NGINX Captcha Module: Server-Side CAPTCHA Guide
by Danila Vershinin, February 28, 2026
Learn how to generate and validate CAPTCHA images directly in NGINX without relying on external services like reCAPTCHA. The NGINX captcha module creates server-side CAPTCHA challenges using the GD graphics library, keeping your authentication flows fast, private, and dependency-free.
Read More...NGINX Device Detection Module: Block AI Crawlers
by Danila Vershinin, February 15, 2026
The NGINX Device Detection Module (ngx_http_device_type_module) performs high-performance device classification directly at the edge. It identifies mobile phones, tablets, desktops, gaming consoles, smart TVs, wearables, and bots—including AI crawlers like GPTBot and ClaudeBot. Traditional device detection solutions rely on external API calls. This adds latency and per-request costs. The NGINX device detection module performs detection […]
Read More...NGINX Honeypot 3.0: Advanced IP Blocking with nftables
by Danila Vershinin,
NGINX Honeypot 3.0 introduces the ngx_nftset_access module – a complete rewrite using modern nftables instead of legacy ipset. Auto-ban attackers, rate-limit abusers, and challenge bots with proof-of-work puzzles, all from within NGINX.
Read More...NGINX Bot Protection Without CAPTCHA: Testcookie Guide
by Danila Vershinin, January 30, 2026
Learn how to implement NGINX bot protection using the testcookie module. This JavaScript-based challenge blocks automated traffic without frustrating legitimate users with CAPTCHAs.
Read More...Recommended Web Hosting
