Welcome! Log In Create A New Profile

Advanced

Re: performance hit in using too many if's

September 26, 2016 12:10PM
Anoop Alias Wrote:
-------------------------------------------------------
> Ok .. reiterating my original question.
>
> Is the usage of if / map in nginx config more efficient than say
> naxsi (
> or libmodsecurity ) for something like blocking SQL injection ?
>
> For example,
> https://github.com/nbs-system/naxsi/blob/master/naxsi_config/naxsi_cor
> e.rules
> rules 1000-1099 - blockes sql injection attempt
>
> So ..do (to a limited extent )
>
> ## Block SQL injections
> set $block_sql_injections 0;
> if ($query_string ~ "union.*select.*\(") {
> set $block_sql_injections 1;
> ............
> .....................
> if ($block_file_injections = 1) {
> return 403;
> }
>
>
>
> From the point of application performance which one is better .. ?
> Performance for a shared hosting server with around 500 vhosts.

I would advise if your application is vulnerable to use Naxsi because it can intercept post requests the example you provided is "$query_string" (intercepts the URL) For example : http://*.com/index.php?id=10 UNION SELECT 1,null,null--

I don't think Nginx has a way to read POST data other than the WAF methods like Naxsi ModSecurity etc.

https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)#URL_Encoding

http://www.networkflare.com/
Subject Author Posted

performance hit in using too many if's

Anoop Alias September 24, 2016 05:00AM

Re: performance hit in using too many if's

gariac September 24, 2016 05:32AM

Re: performance hit in using too many if's

Anoop Alias September 24, 2016 05:40AM

Re: performance hit in using too many if's

gariac September 24, 2016 06:04AM

Re: performance hit in using too many if's

Robert Paprocki September 24, 2016 07:42AM

Re: performance hit in using too many if's

gariac September 24, 2016 10:10AM

Re: performance hit in using too many if's

Alt September 26, 2016 04:43AM

Re: performance hit in using too many if's

gariac September 26, 2016 06:10AM

Re: performance hit in using too many if's

Anoop Alias September 26, 2016 07:30AM

Re: performance hit in using too many if's

gariac September 26, 2016 11:18AM

Re: performance hit in using too many if's

c0nw0nk September 26, 2016 12:10PM

Re: performance hit in using too many if's

Robert Paprocki September 26, 2016 01:18PM

Re: performance hit in using too many if's

gariac September 26, 2016 03:00PM

Re: performance hit in using too many if's

Alt September 27, 2016 07:34AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 117
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready