Re: [mod-security-users] Language Bindings for libmodsecurity/ModSecurity v3
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Language Bindings for libmodsecurity/ModSecurity v3
|
From: Osama E. <oel...@gm...> - 2018-06-07 22:26:38
|
Thank Robert. I remember the discussion + the useful benchmarks you and others shared The FaaS model is different from your high performance proxy model as FaaS basically runs a single concurrent request per container (with the containers scaling to accommodate additional incoming requests) so adding a small overhead of a few ms to the container time using libmodsecurity shouldn’t cause it to be a bottleneck Do you know if there is any documentation on at the interfaces or should I look at the source code? Thanks. -- Osama Elnaggar On June 8, 2018 at 4:21:29 AM, Robert Paprocki ( rpa...@fe...) wrote: Hi, On Wed, Jun 6, 2018 at 9:25 PM, Osama Elnaggar <oel...@gm...> wrote: > Hi Robert, > > It is interesting that you mentioned performance. Could you shed more > light on this? Is the performance hit significantly more than standard > ModSecurity? > There was some discussion on this list a few months back about libmodsecurity's performance as it stands today, so I would just point you there :) Given it's design and throughput capacity, it's not interesting for me to develop a LuaJIT FFI binding to work within OpenResty or other high-performance proxies and deploy it in performance-sensitive environments. The development of the Modsecurity-nginx connector was another reason I never really pushed development; there was already a native integration into Nginx, so no reason to write a Lua module wrapper around this, since it wouldn't add any useful features. |
