Topics of Interest - Common NGINX Misconfigurations That Leave Your Web Server Open To Attack
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore common NGINX misconfigurations that can leave web servers vulnerable to attacks in this 21-minute conference talk by Spencer Pearlman from the OWASP Foundation. Analyze findings from Detectify's Security Research team's examination of nearly 50,000 unique NGINX configuration files. Learn about critical issues such as missing root directives, off-by-slash errors, CRLF-injection via Suri, and proxy-pass via regex. Gain valuable insights through demonstrations and receive practical remediation tips to enhance the security of your web servers powered by NGINX, which currently runs one-third of all websites worldwide.
Syllabus
Intro
Missing root directive
Off-by-slash
CRLF-injection via Suri
proxy-pass via regex
Taught by
OWASP Foundation
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube