NGINX Dynamic TLS Records: An Honest Benchmark in 2026
by Danila Vershinin, April 29, 2026
We rebuilt nginx-mod with Cloudflare’s 2015 dynamic TLS records patch and benchmarked it in a controlled rig with random interleave, CPU pinning, and 200 cold connections per condition. The “50% p95 TTFB win” we expected collapsed under noise control. Here are the honest numbers and what to do instead.
Read More...aws-lc NGINX in 2026: Why we still ship quictls
by Danila Vershinin, April 26, 2026
Why GetPageSpeed packages aws-lc on EL but still links nginx-mod against quictls in 2026: the honest current state of TLS for NGINX HTTP/3.
Read More...How to Enable NGINX HTTP/3 on Ubuntu and Debian
by Danila Vershinin, April 11, 2026
Getting NGINX HTTP/3 on Ubuntu to actually work is harder than the nginx docs make it look. You enable http3 on; in your NGINX config, restart, and Chrome still negotiates HTTP/2. Or worse: HTTP/3 appears to work, but connections silently die after every nginx -s reload. Both problems trace back to how stock Debian/Ubuntu nginx […]
Read More...NGINX LDAP Authentication: Complete Module Setup Guide
by Danila Vershinin, February 5, 2026
Learn how to set up NGINX LDAP authentication using the nginx-auth-ldap dynamic module. This guide covers installation from pre-built packages, Active Directory integration, LDAPS encryption, multi-server failover, authentication caching, and production security hardening.
Read More...NGINX TLS 1.3 Hardening: A+ SSL Configuration Guide
by Danila Vershinin, January 21, 2026
Learn how to configure NGINX for maximum TLS security with TLS 1.3, achieve an A+ SSL Labs rating, and use tools like Gixy for automated security validation. Complete guide with tested configurations for RHEL 9, Rocky Linux, and AlmaLinux.
Read More...
Free SSL for NGINX with Let’s Encrypt: Complete Guide
by Emily Serverwise, January 19, 2023
Learn how to configure free SSL for NGINX with Let’s Encrypt using DNS validation. This complete guide covers Cloudflare integration, automatic renewal, and production-ready TLS configuration.
Read More...Magento, PayPal, libcurl and RedHat = crazy together
by Danila Vershinin, May 16, 2019
How a bad warning can be misleading and corrupt systems
Read More...NGINX HSTS: Complete Strict-Transport-Security Guide
by Danila Vershinin, August 5, 2018
Learn how to configure NGINX HSTS (Strict-Transport-Security) correctly. This comprehensive guide covers the RFC 6797 specification, preload requirements, redirect patterns for www and non-www domains, common misconfigurations, and how to avoid SSL stripping attacks with verified configurations.
Read More...Recommended Web Hosting
