Nginx Application Safety Protection Module-summary

Ngx_lua_waf Module Module Introduction

A Web application firewall based on Ngx_lua, the code is simple, the main purpose is to use simple, high performance and lightweight.

Function:

• for filtering common web attacks in the Post,get,cookie way

• prevent SQL injection, local containment, partial overflow, fuzzing test, XSS,SSRF and other web attacks

• Prevent file leaks such as svn/backups.

• attack against stress test tools such as Apachebench

• masking common scan hack tool, scanner

• network request for masking exceptions

• masking picture Attachment class directory PHP Execute permissions

• prevent Webshell from uploading

Related connections:

Http://blog.chinaunix.net/uid-1728743-id-3546152.html

Https://github.com/openresty/lua-nginx-module

Http://www.tuicool.com/articles/6B3ia2

Http://netsecurity.51cto.com/art/201503/467721_all.htm

Defense Mechanism

The third-party module, developed in the Lua language, can embed the Lua language into the Nginx configuration, thereby greatly enhancing Nginx's ability to use LUA. Nginx is known for its high concurrency and the Lua script is lightweight.

naxsi Module Module Introduction

Naxsi is a lightweight third-party web security module based on Nginx, which can protect the various malicious attacks of the Web application layer, such as SQL Injiection, XSS, CSRF, Directory traversal and other attacks. Ability to fully detect and filter the request behavior of GET, Post, cookie for Web application layer.

Naxsi relies on a well-deserved model that has several advantages, but is constrained by some limitations:

• Professional:

• Fast: simple, lightweight operation

• Elasticity:signature-less design allows for increased resilience against confusing/complex attacks

• Standalone update:signature-less is designed to allow for sustainable security, even without updates

• Configuration:

• Positive practices require a more important white-list mechanism rather than model-alone

• Because Naxsi is like a network firewall, your Web application will not protect properly if you set more rules that are loosely secured

Related connections:

http://blog.micblo.com/2015/07/19/naxsi-tutorial-1/

Defense Mechanism

Naxsi's main protection mechanism is to implement threat blocking through a built-in set of extremely strict core rules, and to prevent normal requests from being killed by a user-defined whitelist (white list), through continuous optimization of both sides, To achieve a balance between security protection and business access.

modsecurity Module Module Introduction

In favor of filtering and blocking web dangers, the strong rule is that OWASP provides rules that are maintained by community volunteers, known as Core Rules CRS (corerules), are reliable and powerful, and of course can customize rules to meet a variety of needs.

Related connections:

Http://www.52os.net/articles/nginx-use-modsecurity-module-as-waf.html

Defense Mechanism

Modsecurity is an intrusion detection and blocking engine that is primarily used for Web applications so it can also be called a Web application firewall. It can be run as a module of the Apache Web server or as a separate application. The purpose of modsecurity is to enhance the security of Web applications and protect Web applications from known and unknown attacks.

This article is from the "mask_x blog" blog, please be sure to keep this source http://zhpfbk.blog.51cto.com/4757027/1879861

Nginx Application Safety Protection Module-summary