
🔥 A curated list of awesome links related to application/API security in NGINX environment.


A curated list of awesome links related to application/API security in NGINX environment.




  • gixy - a tool to analyze Nginx configuration to prevent security misconfiguration
  • nginxconfig.io - GitHub - Online nginx configuration generator for general purposes.

WAFs (Web Application Firewall) for Nginx

  • mod_security - mod_security for NGINX
  • naxsi - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX.
  • NGINX 3rd Party Modules - a list of third-party modules (including security-related) for NGINX and NGINX Plus, created and maintained by members of the NGINX community
  • wallarm - NG-WAF for NGINX with the security rules adjusted with AI

Bot mitigation / Anti-scrapping / Account take-over prevention

NGINX forks

  • SEnginx - Security-Enhanced nginx
  • lua-resty-waf - High-performance WAF built on the OpenResty stack
