linux logo

Goals


- Master nginx, from the web server to the WAF, via the reverse proxy

Program

Presentation of nginx
History and versions
Economic model, nginx plus
Ecosystem, modules and packages

Reminder of how the protocol works
How TLS / HTTPS works: multiple hosting problems
Introduction to SPDY and HTTP / 2
Details of the protocol to understand the configuration

Global configuration file
Directives and core configuration
Definition of roots
Operation of virtual hosts (vhosts)
Address rewriting
Log configuration
Implementation of HTTPS, with vhosts (SNI, wildcard, etc.)

Practical workshop : installation and configuration of nginx, creation of several vhosts

Presentation of the operating modes: HTTP FastCGI, uwsgi, SCGI, memcached
Detail of the HTTP
reverse proxy
Detail of the FastCGI reverse proxy Detail of uwsgi
Specific use as a cache server

Practical workshop : setting up a reverse proxy for a Tomcat server, using PHP-FPM to operate FastCGI with PHP, setting up a transparent cache for static HTTP content

Simple load balancing: multiple servers
Monitoring of backend servers, weighting
SSL termination and offloading Hot reconfiguration, detection of DNS changes

Practical workshop : setting up a loadbalancer with nginx, with active fault detection and weighting, setting up an SSL offloader.

Introduction to web application security
Comparison of the different types of attack
Limitation of the application’s attack perimeter by configuration
Implementation of Naxsi
Use of nxutil and generation of white lists
Quick presentation and use of a Fail2Ban profile for naxsi

Practical workshop : Configuration of nginx to protect a PHP application, installation and configuration of naxsi, rule learning on a CMS

Duration

3 days

Price

£ 2148

Audience

Linux system administrators

Prerequisites

Knowledge on Linux system administration

Reference

LIN988-F

Sessions

Contact us for more informations about session date