Book Image

NGINX Cookbook

By : Tim Butler
Book Image

NGINX Cookbook

By: Tim Butler

Overview of this book

NGINX Cookbook covers the basics of configuring NGINX as a web server for use with common web frameworks such as WordPress and Ruby on Rails, through to utilization as a reverse proxy. Designed as a go-to reference guide, this book will give you practical answers based on real-world deployments to get you up and running quickly. Recipes have also been provided for multiple SSL configurations, different logging scenarios, practical rewrites, and multiple load balancing scenarios. Advanced topics include covering bandwidth management, Docker container usage, performance tuning, OpenResty, and the NGINX Plus commercial features. By the time you've read this book, you will be able to adapt and use a wide variety of NGINX implementations to solve any problems you have.
Table of Contents (14 chapters)

Configuring HSTS in NGINX

HTTP Strict Transport Security (HSTS) is an enhancement to the HTTP protocol that is designed to enforce strict security standards to help protect your site and users. HSTS does a number of things. Firstly, it ensures that all requests must be made via HTTPS. This ensures that data isn't accidentally sent via HTTP and, therefore, left unencrypted.

Secondly, it ensures that only a valid certificate can be accepted. In our previous examples, we used a self-signed certificate and the browser allowed us to bypass the security check. With HSTS enabled, this is no longer possible. This means that attempts to emulate your site or man-in-the-middle attacks where a different certificate is used are now no longer possible.

How to do it...