Viewing posts tagged nginx

git-http-backend with Nginx and fastcgi

When you plan to run git-http-backend (which might be a part of Zuul's setup in your CI/CD) along side with Nginx and fastcgi, ensure to put there a proper config in the location, to avoid errors like:

Nginx with ModSecurity

In one of my previous notes I wrote about firewalling web applications using NAXSI WAF. In this post I'll write small howto on getting ModSecurity module to work with Nginx webserver.

Firewalling web applications using NAXSI WAF

Any web application can have a security bug, which exploited, may allow the attacker to gain unauthorized access to crucial application components, and, unfortunately, lead to a leakage of a sensitive data. One of the common ways to defend the zero days is to use WAF (Web Application Firewall). In this tutorial I'll put some light on a dedicated Nginx WAF external module called NAXSI (Nginx Anti XSS & SQL Injection), the ModSecurity equivalent for Apachers, by the way...