Rate limiting is a server-side defence that restricts how many requests a client can make within a time window. Without rate limiting, a single IP address or bot can flood your server with thousands of requests per second — crashing your application, exhausting your database connection pool, or triggering denial-of-service conditions. Nginx provides two rate […]
ModSecurity as a dynamic Nginx module extends Nginx with WAF capabilities, blocking SQL injection, XSS, command injection, and hundreds of other attack patterns defined by the OWASP Core Rule Set. Unlike the Apache version which uses the stable mod_security2, the Nginx connector uses the newer libmodsecurity3 C++ library with a ngx_http_modsecurity_module connector. On RHEL 9, […]
ModSecurity is the leading open-source Web Application Firewall (WAF), capable of inspecting all HTTP requests and responses against a ruleset and blocking malicious traffic including SQL injection, cross-site scripting (XSS), remote file inclusion, and OWASP Top 10 attack patterns. Combined with the OWASP Core Rule Set (CRS), ModSecurity transforms Apache into a security gateway that […]
Caddy is a modern, open-source web server written in Go that stands out for one defining feature: automatic HTTPS. Caddy obtains and renews TLS certificates from Let’s Encrypt or ZeroSSL automatically, with zero configuration required beyond specifying a domain name. It also supports HTTP/2 and HTTP/3 (QUIC) out of the box, and its declarative Caddyfile […]
Load balancing distributes incoming requests across multiple backend servers, preventing any single server from becoming a bottleneck and providing horizontal scalability and fault tolerance. Nginx supports four load balancing methods natively: round-robin (the default), least connections, IP hash (session persistence), and weight-based. The upstream block defines the pool of backend servers and their weights, and […]
HTTP/2 is the second major version of the HTTP protocol, standardised in 2015, and offers significant performance improvements over HTTP/1.1: header compression (HPACK), multiplexing (multiple requests over a single connection), server push, and binary framing. On a typical webpage with dozens of assets (CSS, JavaScript, images, fonts), HTTP/2 multiplexing eliminates the head-of-line blocking that forces […]
Apache’s mod_proxy module turns Apache into a powerful reverse proxy and gateway, forwarding requests to backend application servers, other web servers, or balancer clusters. Unlike Nginx’s reverse proxy (which is native), Apache’s proxy functionality is modular: mod_proxy handles the core proxying, mod_proxy_http handles HTTP/1.1, mod_proxy_balancer provides load balancing, and mod_proxy_wstunnel handles WebSocket tunnelling. On RHEL […]
A reverse proxy sits in front of one or more backend application servers, forwarding client requests to them and returning their responses to the client. From the client’s perspective, the reverse proxy is the web server. This architecture provides centralized SSL termination, load balancing, caching, rate limiting, and DDoS mitigation without exposing backend application ports […]
Like Nginx, Apache can be secured with free SSL/TLS certificates from Let’s Encrypt using Certbot. The python3-certbot-apache plugin performs domain validation, obtains the certificate, and automatically updates your Apache virtual host configuration with the SSL directives, HTTP-to-HTTPS redirect, and modern cipher settings. This guide covers installing Certbot on RHEL 9, obtaining a certificate for your […]
HTTPS is no longer optional — browsers mark HTTP sites as “Not Secure”, search engines penalise them in rankings, and many modern browser APIs (service workers, geolocation, camera access) require a secure context. Let’s Encrypt provides free, automated, and trusted SSL/TLS certificates via the ACME protocol, and Certbot is the recommended ACME client that handles […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
