performance hit in using too many if's

lists at lists at
Sat Sep 24 09:15:12 UTC 2016

‎I suspect the map module can do that more efficiently. There is an example of how to use the map module in this post:

The code is certainly cleaner using map. I use three maps, specifically for  bad user agent, bad request, and bad referrer. 

  Original Message  
From: Anoop Alias
Sent: Saturday, September 24, 2016 1:58 AM
To: Nginx
Reply To: nginx at
Subject: performance hit in using too many if's


I was following some suggestions on blocking user agents,sql
injections etc as in the following URL

Just wanted to know what is the performance hit when using so many of
these if's ( in light of the if-is-evil policy ). Especially if the
server is having a lot of virtual hosts and the rules are matched for
each of them.

Is it like:

If the server is capable (beefy) it should be able to handle these URL ?


There is a huge performance penalty .Significantly more than
apache+mod_security as an example


The is a performance penalty but not as much as other security tools
or WAF's like naxsi or mod_security

Thanks in advance,

Anoop P Alias

nginx mailing list
nginx at

More information about the nginx mailing list