Hi,
I was following some suggestions on blocking user agents,sql
injections etc as in the following URL
https://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc
Just wanted to know what is the performance hit when using so many of
these if's ( in light of the if-is-evil policy ). Especially if the
server is having a lot of virtual hosts and the rules are matched for
each of them.
Is it like:
If the server is capable (beefy) it should be able to handle these URL ?
or
There is a huge performance penalty .Significantly more than
apache+mod_security as an example
or
The is a performance penalty but not as much as other security tools
or WAF's like naxsi or mod_security
Thanks in advance,
--
Anoop P Alias
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
I was following some suggestions on blocking user agents,sql
injections etc as in the following URL
https://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc
Just wanted to know what is the performance hit when using so many of
these if's ( in light of the if-is-evil policy ). Especially if the
server is having a lot of virtual hosts and the rules are matched for
each of them.
Is it like:
If the server is capable (beefy) it should be able to handle these URL ?
or
There is a huge performance penalty .Significantly more than
apache+mod_security as an example
or
The is a performance penalty but not as much as other security tools
or WAF's like naxsi or mod_security
Thanks in advance,
--
Anoop P Alias
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx