NGINX WAF Module: Lightweight Web Application Firewall
by Danila Vershinin, April 3, 2026
Install and configure the ngx_waf module to protect NGINX against SQL injection, XSS, malicious bots, and CC attacks. Includes IP blacklists, regex rules, rate limiting, an advanced rule DSL, and an Under Attack challenge mode.
Read More...NGINX Stream Lua Module: Programmable TCP/UDP Processing
by Danila Vershinin, March 27, 2026
Learn how to use the NGINX stream lua module to add programmable logic to TCP and UDP traffic. This guide covers installation, configuration, cosockets, shared dictionaries, rate limiting, protocol detection, and custom load balancing with Lua in the NGINX stream subsystem.
Read More...NGINX Redis Rate Limit Module: Distributed Throttling
by Danila Vershinin, March 19, 2026
Learn how to implement distributed rate limiting in NGINX using the Redis Rate Limit module. This module uses the Generic Cell Rate Algorithm (GCRA) with Redis as a backend, providing precise request throttling across multiple NGINX instances for API protection, login abuse prevention, and DDoS mitigation.
Read More...NGINX Lua Module: Programmable Web Serving Guide
by Danila Vershinin, March 15, 2026
Learn how to extend NGINX with the Lua module for custom authentication, rate limiting, API gateways, and more. Includes installation on RHEL, CentOS, Ubuntu, and practical examples with 110+ ready-to-install Lua libraries from the GetPageSpeed repository.
Read More...NGINX Limit Traffic Rate Module Guide
by Danila Vershinin, March 11, 2026
Learn how to limit total download bandwidth across multiple connections using the NGINX limit_traffic_rate module. Unlike the native limit_rate directive that applies per-connection, this module enforces a shared bandwidth limit by client IP or URL.
Read More...NGINX Dynamic Limit Req Module: Redis-Backed Rate Limiting
by Danila Vershinin, March 4, 2026
Learn how to protect your NGINX server from DDoS attacks and brute force abuse using the dynamic limit req module. This Redis-backed rate limiter dynamically blocks offending IPs with configurable lockout periods, whitelisting, and multi-zone policies.
Read More...NGINX Delay Module: Slow Down Attackers Easily
by Danila Vershinin,
The NGINX delay module adds artificial request delays to slow down brute force attacks, scanner bots, and other malicious traffic — without blocking worker processes. Learn how to install and configure it for security hardening on RHEL, CentOS, AlmaLinux, Rocky Linux, Debian, and Ubuntu.
Read More...NGINX Cookie Limit Module: Rate Limiting Guide
by Danila Vershinin, March 3, 2026
Learn how to protect your NGINX server from cookie-based attacks using the ngx_cookie_limit_req_module. This Redis-backed module combines cookie rate limiting with forged cookie detection to block malicious IPs that generate excessive unique cookies.
Read More...NGINX Honeypot 3.0: Advanced IP Blocking with nftables
by Danila Vershinin, February 15, 2026
NGINX Honeypot 3.0 introduces the ngx_nftset_access module – a complete rewrite using modern nftables instead of legacy ipset. Auto-ban attackers, rate-limit abusers, and challenge bots with proof-of-work puzzles, all from within NGINX.
Read More...NGINX Rate Limiting: The Complete Guide
by Danila Vershinin, January 22, 2026
Learn how to configure NGINX rate limiting using the leaky bucket algorithm. This comprehensive guide covers limit_req_zone, burst, nodelay, delay parameters, whitelisting IPs, and production-ready configurations to protect your server from DDoS attacks, API abuse, and brute force attempts.
Read More...Recommended Web Hosting
