The latest articles on DEV Community by Krishna Modi (@krish512). https://dev.to/krish512 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F108835%2F6cefae3f-e289-4185-88a3-ccc124067902.jpeg https://dev.to/krish512 en Krishna Modi Fri, 19 Oct 2018 20:22:07 +0000 https://dev.to/krish512/nginx-with-brotli-and-modsecurity-5bbp https://dev.to/krish512/nginx-with-brotli-and-modsecurity-5bbp <p>Are you using Docker for your next deployment?</p> <p>How about web server? Nginx? Good choice!</p> <p>But how do you manage security?</p> <p>Docker is secured already? Myth! Wake up</p> <p>Yes, you need to handle your own security, Docker ain't gonna do shit to help you secure things up with public accessibility to your endpoints.</p> <p>Well, I recently bumped up into Nginx <a href="https://www.modsecurity.org/">ModSecurity</a> module and found it amazing.</p> <p>It handles a ton of vulnerabilities and keeps your app secure from a major web and SQL vulnerabilities which otherwise were not handled by nginx default.</p> <p>Also, <a href="https://github.com/google/brotli">Brotli</a> is a much better compression offered by Google, gives 20% extra compression as compared to GZip.</p> <p>Wow! isn't it? So how do you use this in your deployment?</p> <p>It takes a lot of building and compiling and configuring to get this working. 15 mins of minimum build time guaranteed!</p> <p>Don't worry, I've got your back and build a Docker image for you with all these together.</p> <p>Try <a href="https://github.com/krish512/docker_nginx_modsecurity">https://github.com/krish512/docker_nginx_modsecurity</a>,</p> <p>Latest Nginx with Modsecurity v3 and Brotli compression level 11</p> <p>PS: Not really promoting my repo, just helping the community with my contribution and expecting PRs raised towards the repo to make it more feature-rich.</p> nginx brotli docker modsecurity