With 13% of the overall web server market share, the high performance open source HTTP server Nginx is a rising star in the pantheon of web server heavyweights. Even the most hardcore of Microsoft aficionados are dropping IIS in favor of Nginx in Windows Server environments; for those with stringent performance/speed requirements, Nginx can't be beat. But like all web servers, the fastest growing solution on the market is not without its security shortcomings. The following are the top 10 ways to harden Nginx for Windows.
The biggest players in the web server business, Apache and IIS, have had the field to themselves for a long time. Now, however, they have to contend with a few seriously capable upstarts, the most prominent of which is Nginx (pronounced ‘engine-x’). This young turk was first developed in 2002 and boasts a growing, dedicated following among many webmasters. Nginx’s popularity is mainly due to being open-source and having the desirable combination of high performance and low resource consumption. It is important to note that Nginx is most often compared to Apache due to its similar open-source philosophy.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.