A CORS proxy is a service that allows sites to access resources from other websites, without having to own that website in case when no Access-Control-Allow-Origin header is present on the requested resource. This article shows how to create one with the help of nginx and without writing a single line of code.
nginx: Mitigating the BREACH Vulnerability with Perl and SSI or Addition or Substitution Modules
BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) is a security exploit against HTTPS when using HTTP compression. This article shows several ways to deal with BREACH using Length Hiding technique with nginx’s builtin modules.
How to Import Cloudflare IP List into nginx ACL Automatically
When using Cloudflare to hide IP address of the origin server (for example, to protect against DoS attacks), it is important to configure ACLs to allow connections to the origin server only from Cloudflare IPs. However, the list of Cloudflare IP ranges is not static, it changes over time. This post describes how to import this list into nginx automatically.
How to Get Maximum Score in SSL Labs Test (nginx)
This article provides a configuration for nginx that successfully passes SSL Labs tests with A or A+ mark, and 100% score for all metrics (certificate, protocol support, key exchange, cipher strength).
TLS Configuration for nginx to Get A+ in HTBridge and SSL Labs Tests
This post presents a TLS configuration for nginx to get A+ score in HTBridge and SSL Labs tests. According to HTBridge, this configuration is compliant with PCI DSS, NIST, and HIPAA guidelines.