Server hardening without "If" conditions

ktm at ktm at
Wed Jun 1 16:57:27 MSD 2011

On Wed, Jun 01, 2011 at 08:47:48AM -0400, pk899 wrote:
> Hi. I notice that nginx with just the location rules and usual
> directives results in mind-blowing performance. Apache Bench test shows
> "115,000 requests per second" can be handled. 
> However, when I add a simple rule: 
>     if ($request_method !~ ^(GET|HEAD|POST)$ ) {
>       return 444;
>     }
> Which I think is important from a point of view of getting rid of so
> much junk that hits any modern server, the requests per second fall to
> "1,200" !!!
> Is there any way around this? I would, if possible, prefer that my main
> web server be able to handle such basic stuff. 
> Welcome any thoughts. Thanks!
> Posted at Nginx Forum:,202965,202965#msg-202965

Well, the test you added includes the regular expression calculations as well.
Can nginx use three simpler exact string matches instead? It may be faster.


More information about the nginx mailing list