Topics of Interest - Common NGINX Misconfigurations That Leave Your Web Server Open To Attack
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore common NGINX misconfigurations that can leave web servers vulnerable to attacks in this 21-minute conference talk by Spencer Pearlman from the OWASP Foundation. Analyze findings from Detectify's Security Research team's examination of nearly 50,000 unique NGINX configuration files. Learn about critical issues such as missing root directives, off-by-slash errors, CRLF-injection via Suri, and proxy-pass via regex. Gain valuable insights through demonstrations and receive practical remediation tips to enhance the security of your web servers powered by NGINX, which currently runs one-third of all websites worldwide.
Syllabus
Intro
Missing root directive
Off-by-slash
CRLF-injection via Suri
proxy-pass via regex
Taught by
OWASP Foundation
Related Courses
Evaluación de peligros y riesgos por fenómenos naturalesUniversidad Nacional Autónoma de México via Coursera Internet Security
openHPI Planning a Security Incident Response
Microsoft via edX Cyber Security
CEC via Swayam Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam