Hi,
Our deployment uses Lua scripts to add authentication / certain other checks
at the proxy. It does this by the required configuration from the upstream
server and then refreshing it periodically. However, this does add some
memory to each worker process and the refreshes will also hit the up
Thanks Maxim. I saw this tool too but i was not sure if it has a good
breadth of coverage.
Their github readme seems to list a few vulnerabilities and i was thinking
perhaps that could be inadequate.
Thank you.
Arun
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,291451,291510#msg
Hi,
We intend to deploy Nginx as a reverse proxy and want to be sure it is as
secure as possible.
Are there any recommended scanners to check whether the rules have any holes
in them ?
eg acutenix?
Which is the defacto hardening guide for securing Nginx rules apart from the
CIS published one
