Anoop Alias Wrote:
-------------------------------------------------------
> Ok .. reiterating my original question.
>
> Is the usage of if / map in nginx config more efficient than say naxsi
> (or libmodsecurity) for something like blocking SQL injection ?
>
> For example,
> https://github.com/nbs-system/naxsi/blob/master/naxsi_config/naxsi_core.rules
> rules 1000-1099 - blocks sql injection attempt
>
> So ..do (to a limited extent )
>
> ## Block SQL injections
> set $block_sql_injections 0;
> if ($query_string ~ "union.*select.*\(") {
> set $block_sql_injections 1;
> ............
> .....................
> if ($block_file_injections = 1) {
> return 403;
> }
>
> From the point of application performance which one is better .. ?
> Performance for a shared hosting server with around 500 vhosts.

I would advise, if your application is vulnerable, to use Naxsi, because it can intercept POST requests. The example you provided is "$query_string" (intercepts the URL).

For example: http://*.com/index.php?id=10 UNION SELECT 1,null,null--

I don't think Nginx has a way to read POST data other than the WAF methods like Naxsi, ModSecurity, etc.

https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)#URL_Encoding

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,269808,269857#msg-269857

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
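
The coverage gap described in the reply above, as an added example that is not part of the original thread: a Python model of the quoted `if ($query_string ~ "union.*select.*\(")` check, run over constructed requests to show which parts of a request the rule never inspects. It assumes nginx's `~` is a case-sensitive regex match against the raw, undecoded query string; `audit`, `REFERENCE` and the sample requests are hypothetical names and constructed data.

```python
import re

# Rule quoted in the thread: if ($query_string ~ "union.*select.*\(")
# Assumption: "~" is case-sensitive and $query_string is the raw text after "?".
NGINX_RULE = re.compile(r"union.*select.*\(")

# Looser reference pattern, used only to label the constructed samples below.
REFERENCE = re.compile(r"union.*select", re.IGNORECASE)


def query_string(uri):
    """Return the raw part of the request URI after the first '?'."""
    return uri.partition("?")[2]


def audit(method, uri, body=""):
    """Model the quoted `if` and report request parts it did not catch."""
    qs = query_string(uri)
    blocked = NGINX_RULE.search(qs) is not None  # the rule sees only the query string
    unseen = []
    if not blocked:
        if REFERENCE.search(qs):
            unseen.append("query_string")  # in the URL, but the regex did not match
        if REFERENCE.search(body):
            unseen.append("body")          # POST data is never tested by the rule
    return {"method": method, "blocked": blocked, "unseen": unseen}


# Constructed sample requests (the third is the URL from the reply, percent-encoded).
SAMPLES = [
    ("GET", "/index.php?id=10", ""),
    ("GET", "/index.php?id=10%20union%20select%20(1)", ""),
    ("GET", "/index.php?id=10%20UNION%20SELECT%201,null,null--", ""),
    ("POST", "/index.php", "id=10%20union%20select%20(1)"),
]

if __name__ == "__main__":
    for method, uri, body in SAMPLES:
        result = audit(method, uri, body)
        print(f"{method:4} {uri:55} blocked={result['blocked']} unseen={result['unseen']}")
```

Running the same samples against a test vhost with the real rule and a WAF module enabled shows whether the WAF closes the `unseen` cases.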