[mod-security-users] ModSecurity cost in Nginx

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi all,

I am testing ModSecurity with Nginx.

I downloaded open source rule-set owasp-modsecurity-crs at Github and fed a captured real http traffic into Nginx to see the overhead of ModSecurity within Nginx. But a total of less than 1% CPU cycles are spent on ModSecurity. Do you have any insights of the percentage of time spent on ModSecurity within Nginx based on your experience?

Thanks,
Xiang