2017-09-05 23:29:48 +00:00
# awesome-nginx-security
2017-09-05 23:43:08 +00:00
A curated list of awesome links related to application/API security in NGINX environment.
2017-09-05 23:37:12 +00:00
## WAF (Web Application Firewalls) for nginx
2017-09-05 23:37:26 +00:00
- [mod_security ](https://github.com/SpiderLabs/ModSecurity-nginx )
2017-09-05 23:48:35 +00:00
- [naxsi ](https://github.com/nbs-system/naxsi ) - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX.
2017-09-05 23:37:26 +00:00
- [wallarm ](https://wallarm.com )
2017-09-05 23:37:12 +00:00
2017-09-05 23:29:48 +00:00
## Talks
2017-09-05 23:54:58 +00:00
- [Building a Security Shield for Your Applications with NGINX & Wallarm (nginx.conf 2017). Transcript ](https://www.nginx.com/blog/build-application-security-shield-with-nginx-wallarm )
- [Behavior Based Security with Repsheet: Aaron Bedra @nginxconf 2014 (video) ](https://www.youtube.com/watch?v=9AyaVxzqYoA )
2017-09-05 23:43:08 +00:00
# Articles
2017-09-05 23:54:58 +00:00
- [Let's Encrypt & Nginx ](https://letsecure.me/secure-web-deployment-with-lets-encrypt-and-nginx/ )
- [Installing the Nginx Plus with mod_security WAF ](https://www.nginx.com/resources/admin-guide/nginx-plus-modsecurity-waf-installation-logging/ )
2017-09-05 23:43:08 +00:00
2017-09-06 00:05:14 +00:00
## Bot mitigation / Anti-scrapping / Account taked-over prevention
- [testcookie-nginx-module ](https://github.com/kyprizel/testcookie-nginx-module ) - Simple robot mitigation module using cookie based challenge/response technique