Summary
The NGINX ModSecurity WAF is a web application firewall based on ModSecurity 3.0, which works natively as a dynamic module for NGINX Plus. It can be used to stop a broad range of Layer 7 attacks and respond to emerging threats with virtual patching.
1
It is available to NGINX Plus customers as a downloaded dynamic module at an additional cost.
2
It supports the OWASP CRS, which provides the rules for the NGINX ModSecurity WAF to block SQL Injection (SQLi), Remote Code Execution (RCE), Local File Include (LFI), cross‑site scripting (XSS), and many other attacks.
3
According to
Summary
The NGINX ModSecurity WAF is a web application firewall (WAF) based on ModSecurity 3.0, a rewrite of the ModSecurity software that works natively as a dynamic module for NGINX Plus. The NGINX ModSecurity WAF can be used to stop a broad range of Layer 7 attacks and respond to emerging threats with virtual patching.
NGINX ModSecurity WAF
nginx.com
Summary
This chapter explains how to install the NGINX ModSecurity WAF, configure a simple rule, and set up logging. It is available to NGINX Plus customers as a downloaded dynamic module at an additional cost, and can be used to protect web applications against SQL Injection, Remote Code Execution, Local File Include, cross-site scripting, and many other attacks. To configure a simple rule, users can create a demo web application, configure NGINX Plus as a reverse proxy, and configure NGINX Plus as a load balancing.
Installing the NGINX ModSecurity WAF | NGINX ModSecurity WAF
nginx.com
ModSecurity and nginx Until now, nginx has not been able to benefit from the security ModSecurity provides. Here's how to install ModSecurity and get it ...
ModSecurity and nginx | Linux Journal
linuxjournal.com
The NGINX ModSecurity web application firewall (WAF) module protects against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, RFI, and more.
NGINX ModSecurity WAF module | NGINX
nginx.com
