performance hit in using too many if's
lists at lazygranch.com
lists at lazygranch.com
Sat Sep 24 09:15:12 UTC 2016
I suspect the map module can do that more efficiently. There is an example of how to use the map module in this post:
http://ask.xmodulo.com/block-specific-user-agents-nginx-web-server.html
The code is certainly cleaner using map. I use three maps, specifically for bad user agent, bad request, and bad referrer.
Original Message
From: Anoop Alias
Sent: Saturday, September 24, 2016 1:58 AM
To: Nginx
Reply To: nginx at nginx.org
Subject: performance hit in using too many if's
Hi,
I was following some suggestions on blocking user agents,sql
injections etc as in the following URL
https://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc
Just wanted to know what is the performance hit when using so many of
these if's ( in light of the if-is-evil policy ). Especially if the
server is having a lot of virtual hosts and the rules are matched for
each of them.
Is it like:
If the server is capable (beefy) it should be able to handle these URL ?
or
There is a huge performance penalty .Significantly more than
apache+mod_security as an example
or
The is a performance penalty but not as much as other security tools
or WAF's like naxsi or mod_security
Thanks in advance,
--
Anoop P Alias
_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list