#nginx

#nginx

Datadog Security Labs said it observed threat actors associated with the recent React2Shell ( CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX configurations to pull off the attack. "The malicious configuration intercepts legitimate web traffic between users and websites and routes it through attacker-controlled backend servers," security researcher Ryan Simon said. "The campaign targets Asian TLDs (.in, .id, .pe, .bd, .th), Chinese hosting infrastructure (Baota Panel), and government and educational TLDs (.edu, .gov)."

Minimum 6 GB of dedicated RAM and a multi-core CPU are recommended for optimal performance in a complete Wazuh stack deployment.

NGINX errors can severely impact web server performance and user experience, making it critical for administrators to understand and troubleshoot these issues.

To correctly apply permissions and ownership for your web project, set the ownership of website files to Nginx user www-data, and then adjust directory and file permissions.