NGINX Security Guides
Learn how to secure, harden, and optimize your NGINX configuration with our comprehensive guides covering 30+ security checks.
Why Choose Gixy?
Learn what Gixy is, how it compares to alternatives, and why 1,200+ developers trust it for NGINX security.
Getting StartedNGINX Security Scanning 101
Your first steps with Gixy: installation, basic usage, and understanding scan results.
DevOpsCI/CD Integration Guide
Automate NGINX security checks in GitHub Actions, GitLab CI, Jenkins, and other pipelines.
MonitoringContinuous Security Monitoring
24/7 NGINX monitoring with automatic Gixy security scans. The NGINX Amplify alternative.
NGINX Hardening Checklist
A complete checklist of security configurations every production NGINX server should have.
HeadersSecurity Headers Deep Dive
Configure HSTS, CSP, X-Frame-Options, and other security headers correctly in NGINX.
TLSSSL/TLS Best Practices
Modern cipher suites, TLS 1.3, protocol configuration, and certificate setup for maximum security.
HardeningHide NGINX Version
Disable server_tokens to prevent attackers from identifying known vulnerabilities in your version.
Preventing SSRF in NGINX
Understand how Server Side Request Forgery happens in NGINX and how to prevent it.
SecurityHTTP Response Splitting
Learn how CRLF injection attacks exploit headers and secure your add_header directives.
SecurityAlias Path Traversal
Common mistakes with the alias directive that expose your filesystem to attackers.
SecurityHost Header Spoofing
Prevent host header injection attacks that enable password reset poisoning and cache poisoning.
SecurityReDoS Prevention
Avoid catastrophic backtracking in regex patterns that can freeze your NGINX workers.
SecurityOrigin & Referer Validation
Properly validate CORS origins and referers to prevent bypass attacks and hotlinking.