Nginx logo

We all want to create secure applications that will never be breached. But the almost weekly news of a high‑profile company being hacked is a stark reminder of how challenging security really is. And with the prevalence of scanners, rootkits, and other malicious tools, it’s easier than ever for anyone with even minimal technical knowledge to begin hacking websites. Though getting breached may feel like an inevitability, we should still take all the precautions we can to protect our apps and data.

A great tool for securing applications is ModSecurity, used by over a million sites around the world. It protects against a broad range of Layer 7 attacks, such as SQL injection (SQLi), local file inclusion (LFI), and cross‑site scripting (XSS), which together accounted for 95% of known Layer 7 attacks in Q1 2017, according to Akamai. Best of all, ModSecurity is open source.

Related Post:  That unstable ProtonVPN connection in the US

The latest version, ModSecurity 3.0, breaks new ground with a modular architecture that runs natively in NGINX. Previous versions worked only with the Apache HTTP Server. We recently released ModSecurity 3.0 as a dynamic module for NGINX Plus, but as of this writing there is no prebuilt ModSecurity dynamic module for open source NGINX. In this blog we show how to create a ModSecurity 3.0 dynamic module for use with open source NGINX.

Related Post:  How to access your Windows 10 files from Linux on a dual-boot system

Installation Overview:

In NGINX 1.11.5 and later, you can compile individual dynamic modules without compiling the complete NGINX binary. After covering the compilation process step by step, we’ll explain how to load the ModSecurity dynamic module into NGINX and run a basic test to make sure it’s working.

Read the complete article here.

Nginx logo

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer runs network ads?  Yep, no more ads from the usual suspects that track you across the Internet.  But since  I still need to pay to keep the site running, feel free to make a small donation by PayPal.

Subscribe for updates. Trust me, no spam!

Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter
Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.

Anastasia Marchenkova

An invitation from Anastasia Marchenkova

Hya, after stints as a quantum researcher at Georgia Tech Quantum Optics & Quantum Telecom Lab, and the University of Maryland Joint Quantum Institute, I’m now working on superconducting qubit quantum processors at Bleximo. I’ll be speaking during Algorithm Conference in Austin, Texas, July 16 – 18, 2020. Meet me there and let’s chat about progress and hype in quantum computing.