Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Topics of Interest - Common NGINX Misconfigurations That Leave Your Web Server Open To Attack

OWASP Foundation via YouTube

Overview

Explore common NGINX misconfigurations that can leave web servers vulnerable to attacks in this 21-minute conference talk by Spencer Pearlman from the OWASP Foundation. Analyze findings from Detectify's Security Research team's examination of nearly 50,000 unique NGINX configuration files. Learn about critical issues such as missing root directives, off-by-slash errors, CRLF-injection via Suri, and proxy-pass via regex. Gain valuable insights through demonstrations and receive practical remediation tips to enhance the security of your web servers powered by NGINX, which currently runs one-third of all websites worldwide.

Syllabus

Intro
Missing root directive
Off-by-slash
CRLF-injection via Suri
proxy-pass via regex

Taught by

OWASP Foundation

Reviews

Start your review of Topics of Interest - Common NGINX Misconfigurations That Leave Your Web Server Open To Attack

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.