NGINX PAM Authentication: System Users and LDAP Integration
by Danila Vershinin, February 20, 2026
Configure NGINX PAM authentication to authenticate users against Linux system accounts, LDAP directories, and Active Directory. Includes installation, configuration examples, caching for performance, and security best practices.
Read More...How to Block AI Crawlers with NGINX: Complete Guide
by Danila Vershinin,
Learn how to block AI crawlers like GPTBot, ClaudeBot, and PerplexityBot at the NGINX level using the device detection module. Includes configuration examples for blocking, rate limiting, and logging AI bot traffic.
Read More...Install ModSecurity NGINX: Complete WAF Guide
by Danila Vershinin, February 19, 2026
Complete guide to installing ModSecurity WAF with NGINX. Learn how to protect your web applications from SQL injection, XSS, and OWASP Top 10 vulnerabilities using pre-configured packages with OWASP Core Rule Set.
Read More...NGINX PTA Module: Time-Limited Token Authentication
by Danila Vershinin, February 16, 2026
Learn how to protect NGINX content with time-limited encrypted tokens using the PTA (Period of Time Authentication) module. Prevent hotlinking and enable secure, expiring download links with AES-128 encryption.
Read More...NGINX Device Detection Module: Block AI Crawlers
by Danila Vershinin, February 15, 2026
The NGINX Device Detection Module (ngx_http_device_type_module) performs high-performance device classification directly at the edge. It identifies mobile phones, tablets, desktops, gaming consoles, smart TVs, wearables, and bots—including AI crawlers like GPTBot and ClaudeBot. Traditional device detection solutions rely on external API calls. This adds latency and per-request costs. The NGINX device detection module performs detection […]
Read More...NGINX Honeypot 3.0: Advanced IP Blocking with nftables
by Danila Vershinin,
NGINX Honeypot 3.0 introduces the ngx_nftset_access module – a complete rewrite using modern nftables instead of legacy ipset. Auto-ban attackers, rate-limit abusers, and challenge bots with proof-of-work puzzles, all from within NGINX.
Read More...NGINX max_headers: Prevent Header-Flooding DoS
by Danila Vershinin, February 8, 2026
Learn how to use the max_headers directive in nginx-mod to limit the number of HTTP request headers and protect your server from header-flooding DoS attacks. Includes installation, configuration, and testing on RHEL-based systems.
Read More...fds FirewallD Made Easy: Trusted Lists
by Danila Vershinin,
Managing a Linux firewall shouldn’t require memorizing pages of firewall-cmd syntax. Yet that’s exactly what FirewallD demands for everyday tasks like blocking an abusive IP or whitelisting PayPal webhooks. Enter fds and trusted-lists — two tools from the GetPageSpeed repository that transform fds FirewallD management from painful to pleasant. Together, they give you: fds: Block […]
Read More...NGINX Digest Authentication: More Secure Than Basic Auth
by Danila Vershinin, February 7, 2026
Learn how to configure NGINX digest authentication using the ngx_http_auth_digest module. This guide covers installation, htdigest password files, brute-force protection, shared memory tuning, and when to choose digest auth over basic auth for securing your NGINX locations.
Read More...NGINX Sysguard: Automatic Protection Against Server Overload
by Danila Vershinin,
Learn how to protect your NGINX server from overload using the sysguard module. Configure load-based request rejection, memory protection, and response time monitoring for graceful degradation under pressure.
Read More...Recommended Web Hosting
