Securing Applications with NGINX

Securing Applications with NGINX


Securing Applications with NGINX is an 8-hour course for individuals who want a deep understanding of NGINX and NGINX Plus's security features.


In Securing Applications with NGINX students identify and administer client-side and upstream encryption (SSL/TLS), configure access control (limit rates, blacklisting/whitelisting), setup authentication (basic auth, OAuth 2.0), and tune the NGINX proxy to have reliable, persistent, fast, secure connections. The second half of the course explores using NGINX Plus to secure API traffic, authenticate users with OpenID Connect, and blocking malicious traffic with the ModSecurity 3.0 WAF dynamic module


2 Days


  • Gain knowledge of core NGINX security directives
  • Correctly authenticate/sign APIs using NGINX Plus
  • Combine technologies to achieve SSO
  • Configure NGINX WAF (ModSecurity 3.0)
  • Understand the benefits and limitations of OWASP


Securing Applications with NGINX is intended for NGINX developers, DevOps, and administrators who want to make sure their solutions are a secure as they can be.


People enrolling in Securing Applications with NGINX should have completed NGINX Core, or have commensurate experience.


  • NGINX Plus Security Best Practices
    • Encryption
    • Lab: Set up an HTTPS Server
    • Lab: Secure Upstream Traffic
    • Access Control
    • Lab: Setup Limit Rate + Logging
    • Lab: Setup Dashboard and Dynamic Blacklisting
    • Authentication
    • Basic Auth
    • Security Performance Tips
  • Enterprise Security
    • API Gateway
    • Lab: JWT Authentication
    • Authorization Protocols
    • Single Sign On
    • Lab: Setup SSO using OpenID Connect
    • WAF
    • Lab: Enable WAF & set up a test rule
    • OWASP Core Rule Set
    • Lab: Enable and Test CRS
    • Lab: Setup Project Honeypot

Upcoming Classes


Instructor-led online training

Location Jan 2020 Feb 2020 Mar 2020 Apr 2020 May 2020
Online Mar 10 – Mar 11

Classes in bold are guaranteed to run!

Onsite Training

For groups of three or more

Request Quote

Public Training


Don't see a date that works for you?

Request Class