{"id":6028,"date":"2016-02-27T00:42:54","date_gmt":"2016-02-26T15:42:54","guid":{"rendered":"https:\/\/jirak.net\/wp\/buydig-com-gets-enhanced-security-and-performance-with-nginx-plus\/"},"modified":"2016-02-27T01:35:19","modified_gmt":"2016-02-26T16:35:19","slug":"buydig-com-gets-enhanced-security-and-performance-with-nginx-plus","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/buydig-com-gets-enhanced-security-and-performance-with-nginx-plus\/","title":{"rendered":"Buydig.com Gets Enhanced Security and Performance with NGINX Plus"},"content":{"rendered":"<h3>Securing and Simplifying a High-Traffic E-Commerce Website<\/h3>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.wp.nginx.com\/wp-content\/uploads\/2016\/02\/logo-buydig.com_.gif\" alt=\"Logo Buydig.com NGINX Plus Case Study\" width=\"296\" height=\"77\" class=\"aligncenter size-full wp-image-27186\" \/><\/p>\n<p>&nbsp;<\/p>\n<h3><b>Situation<\/b><\/h3>\n<p>Buydig.com is a fast-growing e-commerce store with nearly 50,000 daily visitors \u2013 and even more during its peak shopping season. From photography equipment to computer accessories to home entertainment systems, Buydig.com offers a comprehensive selection of consumer electronics at low prices across several countries. 
<\/p>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.wp.nginx.com\/wp-content\/uploads\/2016\/02\/Buydig.com-ecommerce-website.png\" alt=\"Image of Buydig.com, now with enhanced site security and performance with NGINX Plus\" width=\"2712\" height=\"846\" class=\"aligncenter size-full wp-image-27226\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>In 2003 \u2013 the early days of Buydig.com \u2013 the website was built as a two-layer application, with a Microsoft IIS web server and SQL Server as the backend database. But as the number of visitors increased over time, that architecture couldn\u2019t keep up with the traffic. Pages slowed down and eventually stopped responding. Also, without a frontend load balancer and reverse proxy, Buydig.com was vulnerable to denial-of-service attacks.<\/p>\n<p>\u201cOur search for a better solution started when we encountered a distributed denial-of-service attack, which is common for websites. In this attack, several computers were programmed to hit a page on our site at the same time. CPU usage went up and, unfortunately, our site went down. When the site came back up, it was slow and not performing well. We had to come up with a better way, so we started looking for new solutions,\u201d says Charles Bender, Director of IT at Buydig.com.<\/p>\n<p><a href=\"http:\/\/www.buydig.com\/\" target=\"_blank\">Buydig.com<\/a> needed a frontend solution that is easy to configure, serves pages quickly regardless of site traffic volume, protects its backend servers and database from malicious traffic, and provides a fault-tolerant architecture with the potential to scale. <\/p>\n<p>After trying several other solutions without seeing improvement, Buydig.com looked into NGINX Plus as a <a href=\"https:\/\/www.nginx.com\/solutions\/load-balancing\/\">frontend load balancer<\/a>. <\/p>\n<p>\u201cWe just weren\u2019t getting the performance, security, and scalability that we needed with the alternatives. 
The other products we tried all lacked the flexibility, power, and performance of NGINX Plus,\u201d says Bender. \u201cWith NGINX Plus, we found a solution that is uniquely tuned to our needs.\u201d<\/p>\n<h3><b>Solution<\/b><\/h3>\n<p>Built from the world\u2019s most popular open source web server for high-traffic websites, NGINX Plus adds enterprise-ready features into one easy-to-deploy package, and was a great fit for Buydig.com\u2019s needs. <\/p>\n<p>Buydig.com implemented NGINX Plus in its frontend application layer, completely separate from its backend servers. NGINX Plus handles all incoming HTTP and HTTPS traffic and is hosted in Amazon Web Services (AWS). Buydig.com has two locations in Amazon \u2013 US East and US West \u2013 with two EC2 instances in each running Red Hat Enterprise Linux 7 and NGINX Plus. Requests come from clients to Amazon data centers where they are first processed by NGINX Plus, which is the front line for all of Buydig.com\u2019s traffic. <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.wp.nginx.com\/wp-content\/uploads\/2016\/02\/Buydig.com-quote-Charles-Bender-NGINX-Plus-performance-is-fantastic.png\" alt=\"\u201cSince implementing NGINX Plus as our frontend load balancer and reverse proxy to handle all incoming traffic, it has not died or even slowed down once. The performance is fantastic. We need to keep connection usage low on the backend, and NGINX Plus allows us to do exactly that with extreme ease.\u201d  \u2013 Charles Bender, Director of IT at Buydig.com\" width=\"1582\" height=\"896\" class=\"aligncenter size-full wp-image-27201\" \/><\/p>\n<h3><b>Results<\/b><\/h3>\n<h4><b>&gt; Fantastic Performance<\/b><\/h4>\n<p>With NGINX Plus, Buydig.com is able to easily handle a very large number of concurrent connections, which protects its backend application from becoming overloaded and gives the site improved uptime and performance. 
Because of NGINX Plus\u2019s <a href=\"https:\/\/www.nginx.com\/blog\/load-balancing-with-nginx-plus-part2\/#keepalive\">HTTP keepalive connections<\/a>, Buydig.com is able to pool the connections as they come in so that there are as few as possible on the backend. <\/p>\n<p>\u201cSince implementing NGINX Plus as our frontend load balancer and reverse proxy to handle all incoming traffic, it has not died or even slowed down once. The performance is fantastic. We need to keep connection usage low on the backend, and NGINX Plus allows us to do exactly that with extreme ease,\u201d says Bender. <\/p>\n<p>Bender also noted, \u201cWe just finished our first holiday season with NGINX Plus and it performed flawlessly, so we&#8217;re definitely very happy with it.\u201d<\/p>\n<h4><b>&gt; Powerful Configuration Tools<\/b><\/h4>\n<p>Buydig.com takes advantage of NGINX Plus&#8217; powerful configuration language and customizes it to meet the needs of its backend application. With the flexibility offered through features such as location blocks, Buydig.com is able to handle different parts of its site effectively. <\/p>\n<p>For example, the main scripts used by the entire Buydig.com site are hosted in a single directory. Buydig.com protects this directory location against abuse and unauthorized traffic by rate limiting requests and implementing access controls. For other locations, such as the \/assets directory that stores static assets such as images and CSS stylesheets, Buydig.com does not use rate limiting because it can slow down page loading (or even make it fail) if clients can\u2019t pull up the images quickly. \u201cBeing able to use the location blocks within NGINX Plus to customize settings is very flexible and powerful for us,\u201d says Bender.<\/p>\n<h4><b>&gt; Enhanced Security<\/b><\/h4>\n<p>NGINX Plus provides Buydig.com several other security enhancements. 
To ensure security and privacy, the checkout process for Buydig.com and its sister site, Beachcamera.com, is encrypted. The support for <a href=\"https:\/\/www.nginx.com\/resources\/admin-guide\/nginx-ssl-termination\/#sni\">TLS SNI in NGINX Plus<\/a> enables Buydig.com to use one IP address to encrypt and serve both sites. <\/p>\n<p>\u201cWe have multiple SSL sites on multiple servers so TLS SNI is a no-brainer for us,\u201d says Bender. \u201cIt requires practically zero config. Using TLS SNI in NGINX Plus, we can get the site security we need and massively simplify things at the same time. TLS SNI takes out complexity.\u201d<\/p>\n<p>Next, NGINX Plus offers flexible logging, where the log format can be customized as needed. As an e-commerce site that accepts credit cards for online purchases, Buydig.com must comply with the Payment Card Industry (PCI) security standard, which includes requirements for logging all traffic. Logging of Buydig.com\u2019s traffic used to be complicated because HTTP is used when users first enter and browse on the site, but if they make a purchase, HTTPS must be used during the check-out process. <\/p>\n<p>With other solutions, Buydig.com was faced with two separate sets of log files \u2013 one for HTTP and another for HTTPS \u2013 in different formats, which made it difficult to log a complete request path. With the flexible logging in NGINX Plus, Buydig.com is able to combine both HTTP and HTTPS logs together. \u201cBeing able to have combined logs within NGINX Plus helps us meet PCI compliance and is really useful for debugging,\u201d says Bender.<\/p>\n<h4><b>&gt; Hardened Application from Health Checks<\/b><\/h4>\n<p>Since Buydig.com has two backend servers, it needs to know if one locks up and stops serving pages. 
<a href=\"https:\/\/www.nginx.com\/products\/application-health-checks\/\">Health checks in NGINX Plus<\/a> allow for effective load balancing in the event of a failed server, and let Buydig.com complete routine maintenance without disrupting traffic flow or the user experience. <\/p>\n<p>\u201cOur site is being continually worked on, both to add new features and upgrade servers, so we need to be able to update a web node without taking the whole site offline. With health checks in NGINX Plus, we can gracefully remove a server from the load-balancing pool so it can be worked on, and then easily reintroduce it when the work is done. It\u2019s as simple as renaming a file. The health checks in NGINX Plus definitely make it easy for us to perform server maintenance and release new features,\u201d says Bender. <\/p>\n<p>Also, because NGINX Plus continuously monitors the backend application and redirects traffic when failure is detected, Buydig.com is able to <a href=\"https:\/\/www.nginx.com\/blog\/mitigating-ddos-attacks-with-nginx-and-nginx-plus\/\">mitigate DDoS attacks<\/a>. <\/p>\n<p>\u201cNGINX Plus shields us from DDoS attacks. We\u2019re happy with the improved performance and security we get with NGINX Plus,\u201d says Bender. <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.wp.nginx.com\/wp-content\/uploads\/2016\/02\/Buydig.com-quote-Charles-Bender-NGINX-Plus-dynamic-and-flexible-1024x580.png\" alt=\"\u201cWe tried a lot of different technologies to improve performance. NGINX Plus stood out from the beginning, and right away it did what we needed it to do. And when a new challenge came up, it still did what we needed it to do. NGINX Plus is dynamic and flexible. 
It works really well, and helps us achieve our goals.\u201d  \u2013 Charles Bender, Director of IT at Buydig.com\" width=\"1024\" height=\"580\" class=\"aligncenter size-full wp-image-27292\" \/><\/p>\n<h3><b>Conclusion<\/b><\/h3>\n<p>By adding <a href=\"https:\/\/www.nginx.com\/solutions\/load-balancing\/\">NGINX Plus for load balancing<\/a> in its frontend application layer, implementing <a href=\"https:\/\/www.nginx.com\/products\/application-health-checks\/\">health checks<\/a>, and combining HTTP and HTTPS logs, Buydig.com has dramatically improved site reliability and performance. NGINX Plus provides speed and security, so Buydig.com can focus on selling great products with great service to its growing customer base. <\/p>\n<p>\u201cWe tried a lot of different technologies to improve performance. NGINX Plus stood out from the beginning, and right away it did what we needed it to do. And when a new challenge came up, it still did what we needed it to do. NGINX Plus is dynamic and flexible. It works really well, and helps us achieve our goals,\u201d says Bender. <\/p>\n<h3><b>About Buydig.com<\/b><\/h3>\n<p>Buydig.com is a pioneering retailer of consumer electronics located in Edison, New Jersey. The company is a truly comprehensive source of camera, video, home entertainment, and assorted consumer electronics equipment. Buydig.com is a four-time Platinum Winner of the Bizrate Circle of Excellence Award. 
<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.nginx.com\/blog\/buydig-com-gets-enhanced-security-and-performance-with-nginx-plus\/\">Buydig.com Gets Enhanced Security and Performance with NGINX Plus<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.nginx.com\">NGINX<\/a>.<\/p>\n<p>Source: <a href=\"https:\/\/www.nginx.com\/blog\/buydig-com-gets-enhanced-security-and-performance-with-nginx-plus\/\" target=\"_blank\">Buydig.com Gets Enhanced Security and Performance with NGINX Plus<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>Buydig.com Gets Enhanced Security and Performance with NGINX Plus Securing and Simplifying a High Traffic E-Commerce Website &nbsp; &nbsp; Situation Buydig.com is a fast growing e-commerce store with nearly 50,000 daily visitors \u2013 and even more during its peak shopping season. From photography equipment to computer accessories to home entertainment systems, Buydig.com offers a comprehensive selection of consumer electronics at low prices across several countries. &nbsp; &nbsp; In 2003 \u2013 the early days of Buydig.com \u2013 the website was built as a two-layer application, with a Microsoft IIS web server and SQL Server as the backend database. But as the number of visitors increased over time, that architecture couldn\u2019t keep up with the traffic. Pages slowed down and eventually stopped responding. Also, without a frontend load balancer and reverse proxy, Buydig.com was vulnerable to denial-of-service attacks. 
\u201cOur search for a <a class=\"mh-excerpt-more\" href=\"https:\/\/jirak.net\/wp\/buydig-com-gets-enhanced-security-and-performance-with-nginx-plus\/\" title=\"Buydig.com Gets Enhanced Security and Performance with NGINX Plus\">[ more&#8230; ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":6029,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[169],"tags":[652],"class_list":["post-6028","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-nginx"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/6028","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=6028"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/6028\/revisions"}],"predecessor-version":[{"id":6030,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/6028\/revisions\/6030"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media\/6029"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=6028"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=6028"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=6028"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}