This was my feeling too about the article (again, feeling, no factual base at all) but shanemhansen from the comment above seems to have a good experience with this type of approach so who knows, maybe we are overengineering by putting nginx in front for defense.
But i would suspect the "security through obscurity" also helps quite a bit in defending most of the attacks
