Web application firewall system based on nginx + Lua and implementation method thereof

Abstract

The invention relates to a web application firewall system based on nginx + Lua. The web application firewall system comprises a nginx HTTP proxy layer and a service layer; the nginx HTTP proxy layer comprises a protocol analysis module, a connection management module, a module scheduling module and an internal memory management module; the service layer comprises an authorization management module, a lua rule engine module, a storage management module, a configuration management module and a nginx interface management module; the nginx HTTP proxy layer and the service layer are connected through the nginx interface management module. The web application firewall system provided by the invention can effectively and flexibly defend web application attacks.

Description

technical field

[0001] The invention relates to the field of network security intrusion detection, in particular to an nginx+lua-based web application firewall system and an implementation method thereof. Background technique

[0002] The purpose of web application firewall (waf) is to enhance the security of web applications and protect web applications from known and unknown attacks. At present, the world's largest web server is none other than apache, and its development time is very long. It is precisely for this reason that the current mainstream web firewalls generally use the technical solution of apache+modsecurity. modsecurity is an open source project that can be shipped as a module of the Apache web server or as a stand-alone application.

[0003] However, the apache+modsecurity mode has the following problems:

[0004] First, there is a bottleneck in apache web server performance. The Apache server has been around for too long. In the era of its rise, the sca...

Images