Securing Applications with NGINX+

Securing Applications with NGINX is an 8-hour course for individuals who want a deep understanding of NGINX and NGINX Plus's security features.

Securing Applications with NGINX students identify and administer client-side and upstream encryption (SSL/TLS), configure access control (limit rates, blacklisting/whitelisting), setup authentication (basic auth, OAuth 2.0), and tune the NGINX proxy to have reliable, persistent, fast, secure connections. The second half of the course explores using NGINX Plus to secure API traffic, authenticate users with OpenID Connect, and blocking malicious traffic with the ModSecurity 3.0 WAF dynamic module.

Objectives

• Implement NGINX security directives according to best practices
  
• Encrypt both front-end and back-end traffic
  
• Configure NGINX WAF using ModSecurity 3.0
  
• Understand the benefits and limitations of OWASP
  
• Set up JWT authentication
  
• Enforce rate limiting