Re: [Mod-security-developers] ModSecurity extension for Nginx
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity extension for Nginx
|
From: Carlos V. <ca...@ta...> - 2014-10-20 08:03:25
|
I'm using nginx+modsec with a webmail system (Zimbra) hosting 25K users and it works pretty well. Performance depends of course on the number of rules you apply and in which phases. You can define hundreds of rules but have only a few that are used in the most common requests. If performance is paramount for your site, you will need to spend some time analyzing modsec logs to find which rules give you the highest "protection/load" ratio. On Mon, Oct 20, 2014 at 6:27 AM, Hoang Hai Nam <na...@gm...> wrote: > Hi everyone, > I'm planning to use ModSecurity for Nginx (reverse proxy form) to protect the > multipe my company's website, but I confused for Development Status: BETA, > and I do not know that ModSecurity for Nginx has stable performance with > Core Rule Set or not? > > Nginx has a very good performance when used as a reverse proxy, so I want > to ask for advices on the using Nginx with ModSecurity > > Looking forward to reply, Thanks all very much. > > -- > Best regards, > > ----------------------------------------------------------------------------- > *Hoang Hai Nam, senior* > Department of Software Engineering > School of Information and Communication Technology (SoICT, > http://www.soict.hut.edu.vn) > Hanoi University of Science and Technology (HUST, http://www.hut.edu.vn) > C1 Building - No 1, Dai Co Viet Street, Ha Noi, Vietnam > Yahoo: soap412 > Mobile: +84 (0)9.13.09.66.46 > Facebook: https://www.facebook.com/nam.hoanghai > E-mail: na...@gm... > nam...@ho... > > > > ------------------------------------------------------------------------------ > Comprehensive Server Monitoring with Site24x7. > Monitor 10 servers for $9/Month. > Get alerted through email, SMS, voice calls or mobile push notifications. > Take corrective actions from your mobile device. > http://p.sf.net/sfu/Zoho > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
