Hi,<br><br><div class="gmail_quote">On Thu, Jan 12, 2012 at 11:35 PM, Joshua Zhu <span dir="ltr"><<a href="mailto:zhuzhaoyuan@gmail.com">zhuzhaoyuan@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Hi,<br><br>We are pleased to announce that Tengine-1.2.2 has been released. And you can download it here: <a href="http://tengine.taobao.org/download/tengine.tar.gz" target="_blank">http://tengine.taobao.org/download/tengine.tar.gz</a><br>
(For those who don't know Tengine, it is a distribution of Nginx, including quite a few useful patches and modules developed by a group software engineers from Taobao)<br>
<br>In this release, we introduced the 'input body filter' mechanism. So it's very handy to a developer who wants to write a Web Application Firewall. We merged the changes from the latest stable Nginx, i.e. Tengine is based on Nginx-1.0.11 now. There are also some bug fixes in this release. More detailed changelog is available at <a href="http://tengine.taobao.org/changelog.html" target="_blank">http://tengine.taobao.org/changelog.html</a><br>
</blockquote><div><br>I've written a post about how to use this 'input body filter' to develop Web Application Firewalls, taking a _naive_ module to fight hash collision DoS attacks as an example:<br><a href="http://blog.zhuzhaoyuan.com/2012/01/a-mechanism-to-help-write-web-application-firewalls-for-nginx/">http://blog.zhuzhaoyuan.com/2012/01/a-mechanism-to-help-write-web-application-firewalls-for-nginx/</a><br>
</div></div><br>Regards,<br clear="all"><br>-- <br>Joshua Zhu<br>Senior Software Engineer<br>Server Platforms Team at Taobao<br>