Edge, reverse proxy and application gateway
We deploy Nginx as a high-performance edge and reverse proxy — for TLS termination with modern cipher suites, HTTP/2 and HTTP/3, rate limiting, geo-blocking, mTLS and as a caching layer in front of APIs, static assets and web applications.
Capabilities: ModSecurity or Coraza WAF integration aligned with the OWASP Core Rule Set, bot protection, OIDC forward-auth against Keycloak/Authentik, secure defaults aligned with BSI and Mozilla guidelines, and automated certificate rotation via Let’s Encrypt or your own CAs.
We deliver: high-availability setups (Keepalived, BGP, Anycast), performance tuning under load, observability via Prometheus exporters and migrations from commercial load balancers — all on European hardware or in your own data center.