Skip to main content

Using the OWASP Core Rule Set with the NGINX Security Module

by Danila Vershinin, January 18, 2026

Learn how to install and configure the OWASP Core Rule Set (CRS) with NGINX ModSecurity on Rocky Linux, AlmaLinux, and RHEL 9. Protect your web applications from SQL injection, XSS, remote code execution, and other OWASP Top 10 attacks with this comprehensive WAF configuration guide.

Read More...

How to enable Varnish Cache on Magento 2 without downtime

by Danila Vershinin, January 16, 2026

Learn how to enable Varnish Cache on Magento 2 without downtime. Step-by-step guide with NGINX sandwich setup, VCL configuration, and zero-downtime traffic switch.

Read More...

Tuning NGINX worker_processes: A Deep Dive

by Danila Vershinin, January 15, 2026

Learn how NGINX worker_processes works internally. Understand when to use auto and when manual tuning is better for VPS, containers, and high-memory setups.

Read More...

NGINX Honeypot 2.0: Zero-Latency Bot Blocking Without External Scripts

by Danila Vershinin, December 6, 2025

The enterprise approach to IP blacklisting that eliminates shell scripts, sudo, and fcgiwrap. IPSet access module for NGINX is our exclusive closed-source premium package in NGINX Extras modules collection.

Read More...

Practical guide: tuning http2_chunk_size in NGINX

by Danila Vershinin, October 5, 2025

Pick the right http2_chunk_size in NGINX without guesswork. This practical guide shows when to use 4k, 8k, or 16k, how frame-size limits affect real clients, and how to apply per-location overrides (including Varnish frontends). Includes rule-of-thumb sizing, config snippets, and tips to balance TTFB, fairness, and bulk throughput.

Read More...

How to install the ModSecurity NGINX module in Rocky Linux/AlmaLinux/RHEL 9

by Danila Vershinin, January 25, 2025

Here’s how to easily install ModSecurity for NGINX in Rocky Linux/AlmaLinux/RHEL 9

Read More...

NGINX, PHP-FPM, and File Permissions

by Danila Vershinin, January 5, 2025

This podcast discusses **how to set up file permissions for websites running on NGINX and PHP-FPM**. It explains why it’s crucial to use separate user accounts for each website and for the web server. The episode delves into the **correct ownership and permissions for website files and directories**, and how to connect the website user […]

Read More...

NGINX Security Headers module

by Danila Vershinin, December 19, 2024

In this episode of Scalable Stories, we take a deep dive into the NGINX Security Headers module by GetPageSpeed. Learn how this powerful NGINX module simplifies the process of adding essential security headers to your web applications. We’ll explore how it helps protect against common vulnerabilities, ensures compliance with best practices, and enhances your website’s […]

Read More...

Supercharging WordPress with NGINX Cache Purge – Say Goodbye to Mounts and Permissions Hassles!

by Danila Vershinin, November 2, 2024

Learn how to set up NGINX cache purge for WordPress with the ngx_cache_purge module. This guide covers installation, configuration, cache key best practices, and troubleshooting common purge issues.

Read More...

Mastering the index Directive in Nginx: Best Practices and Optimization Tips

by Danila Vershinin, May 23, 2024

The index directive in Nginx is essential for serving default files when a directory is requested. In this guide, we explore its configuration, best practices, and security enhancements. Learn how to effectively use the index directive to improve your Nginx server’s performance and protect your website.

Read More...