Very cool! lua-resty-waf is actually at the top of my list of WAFs to try
as soon as I finish deploying openresty everywhere.
On Mon, Apr 25, 2016 at 11:09 AM, Robert Paprocki <
rpapro...@fearnothingproductions.net> wrote:
> There are also several WAFs built upon Openresty (nginx + luajit at
>>
>
> There are also several WAFs built upon Openresty (nginx + luajit at
> openresty.com) however I haven't set any of them up yet so I can't
> comment on their production readiness.
>
Speaking as the author of one of these (lua-resty-waf,
https://github.com/p0pr0ck5/lua-resty-waf), I can tell you
for a nice and simple*) but yet powerfull WAF-solution for nginx you
might want to try naxsi https://github.com/nbs-system/naxsi
*) simple in terms of: easy to setup, easy to maintain, easy to adjust
cheers,
mex
Posted at Nginx Forum:
There is a version of modsecurity for Nginx -
https://github.com/SpiderLabs/ModSecurity - however it tends to cause
random mysterious problems including segfaults so maybe not what your
looking for.
There are also several WAFs built upon Openresty (nginx + luajit at
openresty.com) however I
With respect the ModSecurity and the CRS, the current nginx implementation of
ModSecurity is still pretty buggy and likely won't get any attention. It's
known to cause segfaults and server-side errors during requests. You'd be
better off looking at the libmodsec v3 integration, which is still