I was thinking security.
I use Nginx reverse proxy with the open source ModSecurity (Web Application Firewall) module for other public facing servers for compliance reasons, and want to do the same with IPS.
"Even when you understand security, it is difficult to create secure applications, especially when working under the pressures so common in today’s enterprise. The NGINX ModSecurity Web Application Firewall (WAF) protects applications against sophisticated Layer 7 attacks that might otherwise lead to systems being taken over by attackers, loss of sensitive data, and downtime. The NGINX ModSecurity WAF is based on the widely used ModSecurity open source software. "
Detect and stop a broad range of Layer 7 attacks:
SQL injection (SQLi), cross‑site scripting (XSS), and Local File Include (LFI), which which together account for over 90% of known Layer 7 attacks
Cross‑site request forgery (CSRF), Remote File Include (RFI), remote code execution (RCE), and HTTP protocol violations
Other common attack vectors, detected by your own custom regex‑based rules
I hear that, we could disable caching...