Re: [Mod-security-developers] ModSecurity extension for Nginx
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity extension for Nginx
|
From: Hoang H. N. <na...@gm...> - 2014-10-20 08:16:19
|
Hi Carlos, How many rules you applied for your system? I intend to use the whole the "Core rule set", It has a lot of rules, than if I use it each user's request will be inspect by hundreds of rules. Meanwhile reverse proxy ModSecurity becomes the bottleneck of the whole system. On Mon, Oct 20, 2014 at 2:40 PM, Carlos Vidal <ca...@ta...> wrote: > I'm using nginx+modsec with a webmail system (Zimbra) hosting 25K users > and it works pretty well. Performance depends of course on the number of > rules you apply and in which phases. You can define hundreds of rules but > have only a few that are used in the most common requests. If performance > is paramount for your site, you will need to spend some time analyzing > modsec logs to find which rules give you the highest "protection/load" > ratio. > > On Mon, Oct 20, 2014 at 6:27 AM, Hoang Hai Nam <na...@gm...> wrote: > >> Hi everyone, >> I'm planning to use ModSecurity for Nginx (reverse proxy form) to protect the >> multipe my company's website, but I confused for Development Status: BETA >> , and I do not know that ModSecurity for Nginx has stable performance >> with Core Rule Set or not? >> >> Nginx has a very good performance when used as a reverse proxy, so I want >> to ask for advices on the using Nginx with ModSecurity >> >> Looking forward to reply, Thanks all very much. >> >> -- >> Best regards, >> >> ----------------------------------------------------------------------------- >> *Hoang Hai Nam, senior* >> Department of Software Engineering >> School of Information and Communication Technology (SoICT, >> http://www.soict.hut.edu.vn) >> Hanoi University of Science and Technology (HUST, http://www.hut.edu.vn) >> C1 Building - No 1, Dai Co Viet Street, Ha Noi, Vietnam >> Yahoo: soap412 >> Mobile: +84 (0)9.13.09.66.46 >> Facebook: https://www.facebook.com/nam.hoanghai >> E-mail: na...@gm... >> nam...@ho... >> >> >> >> ------------------------------------------------------------------------------ >> Comprehensive Server Monitoring with Site24x7. >> Monitor 10 servers for $9/Month. >> Get alerted through email, SMS, voice calls or mobile push notifications. >> Take corrective actions from your mobile device. >> http://p.sf.net/sfu/Zoho >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php >> > > > > ------------------------------------------------------------------------------ > Comprehensive Server Monitoring with Site24x7. > Monitor 10 servers for $9/Month. > Get alerted through email, SMS, voice calls or mobile push notifications. > Take corrective actions from your mobile device. > http://p.sf.net/sfu/Zoho > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > -- Best regards, ----------------------------------------------------------------------------- *Hoang Hai Nam, senior* Department of Software Engineering School of Information and Communication Technology (SoICT, http://www.soict.hut.edu.vn) Hanoi University of Science and Technology (HUST, http://www.hut.edu.vn) C1 Building - No 1, Dai Co Viet Street, Ha Noi, Vietnam Yahoo: soap412 Mobile: +84 (0)9.13.09.66.46 Facebook: https://www.facebook.com/nam.hoanghai E-mail: na...@gm... nam...@ho... |
