I'm not sure the number of virtual hosts matters since each attack is individual. But if 500 vhosts meant say a hundred customers, I sure wouldn't want to deal with the false positives in your email. Much like setting up an IP firewall, you just can't load a bunch of rules someone else wrote and expect smooth sailing. When you write your own rule, you can debug it quickly.
Ok .. reiterating my original question.

Is the usage of if / map in nginx config more efficient than say naxsi ( or libmodsecurity ) for something like blocking SQL injection ?

rules 1000-1099 - blocks sql injection attempt

So ..do (to a limited extent )

    ## Block SQL injections
    set $block_sql_injections 0;
    if ($query_string ~ "union.*select.*\(") {
        set $block_sql_injections 1;
    ............
    .....................
    if ($block_file_injections = 1) {
        return 403;
    }

From the point of application performance which one is better .. ? Performance for a shared hosting server with around 500 vhosts.

On Mon, Sep 26, 2016 at 3:39 PM, <li...@lazygranch.com> wrote:
> For one thing, I have trouble making fail2ban work. ;-) I run sshguard, so the major port 22 hacking is covered. And that is continuous.

Anoop P Alias
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
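An added example, not part of the original posts: a small harness for checking the `union.*select.*\(` rule quoted in the thread against labelled query strings before it is rolled out to many vhosts. The sample query strings and the function names are constructed for illustration, and Python's `re` stands in for nginx's PCRE, which behaves the same for this pattern.

```python
import re

RULE_PATTERN = r"union.*select.*\("  # regex from the nginx rule quoted in the thread

def compile_nginx_regex(op, pattern):
    """Compile a pattern as nginx's "~" (case-sensitive) or "~*" (case-insensitive)."""
    if op not in ("~", "~*"):
        raise ValueError("unsupported nginx match operator: %r" % op)
    return re.compile(pattern, re.IGNORECASE if op == "~*" else 0)

def evaluate(rule, samples):
    """Classify each (query_string, is_attack) sample the way the rule would."""
    report = {"correct": 0, "false_positives": [], "misses": []}
    for query, is_attack in samples:
        blocked = rule.search(query) is not None
        if blocked == is_attack:
            report["correct"] += 1
        elif blocked:
            report["false_positives"].append(query)  # benign request gets a 403
        else:
            report["misses"].append(query)           # labelled attack passes
    return report

# Constructed samples, written in wire form because nginx matches
# $query_string as sent, without URL-decoding it first.
SAMPLES = [
    ("id=1+union+select+name,pass+from+users+where+(1=1)", True),
    ("id=1+UNION+SELECT+name,pass+from+users+where+(1=1)", True),
    ("q=credit+union+select+a+plan+(2016)", False),
    ("q=student+union+events", False),
    ("page=2&sort=name", False),
]

if __name__ == "__main__":
    for op in ("~", "~*"):
        result = evaluate(compile_nginx_regex(op, RULE_PATTERN), SAMPLES)
        print(op, result)
```

The benign "credit union" search is rejected under both operators, which is the kind of false positive the first reply warns about, while the upper-case variant is only caught by `~*`.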