Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities. Give it a list of URLs (Burp Suite is namechecked here) and turn it loose, and it'll look for misconfigurations.
The Ultimate Nginx Bad Bot, User-Agent, Spam Referrer Blocker, Adware, Malware and Ransomware Blocker, Clickjacking Blocker, Click Re-Directing Blocker, SEO Companies and Bad IP Blocker with Anti DDOS System, Nginx Rate Limiting and Wordpress Theme Detector Blocking. Stop and Block all kinds of bad internet traffic even Fake Googlebots from ever reaching your web sites.
A tool that can turn a flat nginx.conf file into an Ubuntu-style included multi-file configuration structure, the Ubuntu-type configs into a single flat nginx.conf file, or it can start over with a brand-new configuration.
Written as a shell script for portability.
How to configure nginx to transparently pass through some requests to a node.js server running on another port.
A list of the top 20 security practices for the NginX web server. Worth it for the SElinux and /etc/sysctl.conf modifications alone.
How to harden SSL support on your web server to mitigate attacks like BREACH, BEAST, and Lucky 13. Updated regularly.
How to configure nginx to block certain user agents from accessing a site.
Github repo for RPnow, a simple web chat service optimized for roleplaying. Entirely ad-hoc. Uses nodejs and mongodb. Server runs on the back end, proxied by Nginx.
A tutorial on how to harden SSL and TLS in Nginx. Includes changing and increasing the size of Diffie-Hellman parameters for better security.
4980 links, including 377 private