Not fair! How come Apache gets its modsecurity module pre-compiled and available in public repositories, but Nginx hides it behind a paywall of their "Plus" package/version?

Ugh... At least they provide the module's source, so one can compile and deploy it by himself...

Tencent NGinx fork.

@IntrusionCM not in debian repo => equally as useless :/

@Aldar well...

I think that's not (fully) true. But I pointed out just n alternative, as NGinx truly sucks without paid pro license

Really anything you need or that makes sense, from monitoring to DNS resolve / upstream is plus.

NGINX = pay or suck my donkey balls.

@IntrusionCM As someone who works in bottom-end enterprise sector at most, most of our customers couldn't / wouldn't want to pay for a $2000 / Machine license.

And so, maybe sadly, I know only the opensource free Nginx, yet I still consider it to be much better than Apache by now.

That said... I might take a look at the tencent fork myself in my free time. Some customers here might benefit from its additions, and maybe, juuuuust maybe, I might be able to get it into use here.

I sounded a little dismissive before, but in retrospect, thank you for bringing it to my attention. I'll see what it can do.

@Aldar :)

The useless triggered me a bit, yes. :)

They don't package it - yes. But Alibaba and others use it - simply put, they decided that it's cheaper to hire devs than to pay the ridiculously license fees for their whole network (which would be an absurd amount of money I guess, as Alibaba is fucking huge)

use openresty