Hi, I was following some suggestions on blocking user agents,sql injections etc as in the following URL
https://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc Just wanted to know what is the performance hit when using so many of these if's ( in light of the if-is-evil policy ). Especially if the server is having a lot of virtual hosts and the rules are matched for each of them. Is it like: If the server is capable (beefy) it should be able to handle these URL ? or There is a huge performance penalty .Significantly more than apache+mod_security as an example or The is a performance penalty but not as much as other security tools or WAF's like naxsi or mod_security Thanks in advance, -- Anoop P Alias _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
