Practical Security Tips
20.0 Introduction
Security is done in layers, and much like an onion, there must be
multiple layers to your security model for it to be truly hardened. In
Part II of this book, we’ve gone through many different ways to
secure your web applications with NGINX and NGINX Plus. Many
of these security methods can be used in conjunction to help harden
security. The following are a few more practical security tips to
ensure your users are using HTTPS and to tell NGINX to satisfy one
or more security methods.
20.0 介绍
我们的系统通常是分层的,所以安全策略需要依据不同的分层架构指定解决方案。
在本书的第二部分,已经介绍了诸多安全策略方案。其中的部分章节中的解决方
案能够用于加强安全防御能力。在这个章节,将从实战角度出发,讲解构建安全
的 HTTPS 协议和 NGINX 服务器的方法。