Jump to content

Recommended Posts

Posted

The question is what benefit are you looking to gain from it.  Adding that layer in front is going to make things more difficult for you going forward.  For example, if Nginx has something cached, and you make a change in the ACP to a theme or a setting...  but it does not bust the Nginx cache, you could be stuck troubleshooting other issues you did not anticipate or need to potentially address.  

You're going to have to weigh if the benefit that comes from adding it is outweighed by the potential problems and the extra maintenance involved.  

Posted (edited)
1 hour ago, Randy Calvert said:

The question is what benefit are you looking to gain from it.

I was thinking security.

I use Nginx reverse proxy with the open source ModSecurity (Web Application Firewall) module for other public facing servers for compliance reasons, and want to do the same with IPS.

"Even when you understand security, it is difficult to create secure applications, especially when working under the pressures so common in today’s enterprise. The NGINX ModSecurity Web Application Firewall (WAF) protects applications against sophisticated Layer 7 attacks that might otherwise lead to systems being taken over by attackers, loss of sensitive data, and downtime. The NGINX ModSecurity WAF is based on the widely used ModSecurity open source software. "

 

  • Detect and stop a broad range of Layer 7 attacks:
  • SQL injection (SQLi), cross‑site scripting (XSS), and Local File Include (LFI), which which together account for over 90% of known Layer 7 attacks
  • Cross‑site request forgery (CSRF), Remote File Include (RFI), remote code execution (RCE), and HTTP protocol violations
  • Other common attack vectors, detected by your own custom regex‑based rules

 

1 hour ago, Randy Calvert said:

For example, if Nginx has something cached

I hear that, we could disable caching...

 

Edited by gigantor
Posted

I have moved this to the self hosted guidance forum for you, where it is better placed for someone to assist

  • 4 weeks later...
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...