Hello,
You just need fail2ban and no need to know Perl. But you'll probably need to
know regular expressions.
Fail2ban can be adapted to most log format, but nginx logs format is the
same as apache, so it's easy :-)
I'm sure you can find many tutorials to explain how to install and configure
it b
To: nginx@nginx.org
Reply To: nginx@nginx.org
Subject: Re: performance hit in using too many if's
Anoop Alias Wrote:
---
> Ok .. reiterating my original question.
>
> Is the usage of if / map in nginx config more efficient than say
&
On Mon, Sep 26, 2016 at 4:28 AM, Anoop Alias wrote:
> Ok .. reiterating my original question.
>
> Is the usage of if / map in nginx config more efficient than say naxsi (
> or libmodsecurity ) for something like blocking SQL injection ?
>
Strictly speaking, and barring performance costs of th
Anoop Alias Wrote:
---
> Ok .. reiterating my original question.
>
> Is the usage of if / map in nginx config more efficient than say
> naxsi (
> or libmodsecurity ) for something like blocking SQL injection ?
>
> For example,
> https://githu
to be a better plan.
Original Message
From: Alt
Sent: Monday, September 26, 2016 1:43 AM
To: nginx@nginx.org
Reply To: nginx@nginx.org
Subject: Re: performance hit in using too many if's
Hello,
I don't agree with Robert Paprocki: adding modules like naxsi or modsecurity
to nginx is
like update. I had to change
> all URLs with the word update in them to a non reserved word. Some triggers
> I couldn't even figure out. Thus I determined using the map modules and my
> own triggers to be a better plan.
>
> Original Message
> From: Alt
> Sent: Monday,
l
URLs with the word update in them to a non reserved word. Some triggers I
couldn't even figure out. Thus I determined using the map modules and my own
triggers to be a better plan.
Original Message
From: Alt
Sent: Monday, September 26, 2016 1:43 AM
To: nginx@nginx.org
Reply To: nginx@n
Hello,
I don't agree with Robert Paprocki: adding modules like naxsi or modsecurity
to nginx is not a solution. They have bugs, performance hits, need patch
when there's new versions of nginx,...
gariac, you say you send 444 to hackers then use a script to display those.
Why not use fail2ban to s
bject: Re: performance hit in using too many if's
Pardon me, but this thread smells terribly of bikeshedding. Comparing ifs vs
maps is useless when what you're trying to accomplish should never be done
through an HTTP server config. It's security theater, and no, the low-hanging
e can do that more efficiently. There is an example
>> of how to use the map module in this post:
>>
>> http://ask.xmodulo.com/block-specific-user-agents-nginx-web-server.html
>>
>> The code is certainly cleaner using map. I use three maps, specifically for
>&
block them.
Original Message
From: Anoop Alias
Sent: Saturday, September 24, 2016 2:39 AM
To: Nginx
Reply To: nginx@nginx.org
Subject: Re: performance hit in using too many if's
I understand that the map may look cleaner on the config as each vhost
don't need the if matchings ..but t
g map. I use three maps, specifically for
> bad user agent, bad request, and bad referrer.
>
>
>
> Original Message
> From: Anoop Alias
> Sent: Saturday, September 24, 2016 1:58 AM
> To: Nginx
> Reply To: nginx@nginx.org
> Subject: performance hit in using too many if'
request, and bad referrer.
Original Message
From: Anoop Alias
Sent: Saturday, September 24, 2016 1:58 AM
To: Nginx
Reply To: nginx@nginx.org
Subject: performance hit in using too many if's
Hi,
I was following some suggestions on blocking user agents,sql
injections etc as in the followin
Hi,
I was following some suggestions on blocking user agents,sql
injections etc as in the following URL
https://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc
Just wanted to know what is the performance hit when using so many of
these if's ( in
14 matches
Mail list logo
