WAF Recommendations?
agentzh
agentzh at gmail.com
Thu Sep 13 21:42:04 UTC 2012
Hello!
On Thu, Sep 13, 2012 at 8:29 AM, AJ Weber <aweber at comcast.net> wrote:
> Would like to integrate WAF functionality/capability with nginx. Has anyone
> tested the latest version of ModSecurity (2.7.0), which apparently has a
> module for nginx?
>
My colleague John Graham-Cumming has been working on a compiler that
can compile a good number of ModSecurity rule configurations into Lua
code that can be run atop ngx_lua [1]. We (CloudFlare) may opensource
it at some point.
Some (big) users of mine have been using ngx_lua to implement custom
WAF in production and sent back good results. Some reported better
performance with ngx_lua than both ModSecurity and Naxi, but I've not
confirmed the result myself yet :)
Best regards,
-agentzh
[1] http://wiki.nginx.org/HttpLuaModule
More information about the nginx
mailing list