Web application firewall system based on nginx + Lua and implementation method thereof

A technology for applying firewalls and implementing methods, applied in transmission systems, electrical components, etc., can solve the problems of incompatibility and low portability, and achieve the effect of good expansion, high performance, and defense against attacks

Inactive Publication Date: 2016-01-06
FUZHOU BOKE WANGAN INFORMATION TECH CO LTD
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But at the same time, it also brings a problem that the portability is not high, and there will be many incompatibility problems when porting modsecurity to other web servers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web application firewall system based on nginx + Lua and implementation method thereof
  • Web application firewall system based on nginx + Lua and implementation method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0037] Such as figure 1 As shown, the present embodiment provides a web application firewall system based on nginx+lua, including an nginxhttp proxy layer and a business layer; the nginxhttp proxy layer includes a protocol analysis module, a connection management module, a module scheduling module and a memory management module , can realize basic functions such as connection management, protocol analysis, http request sending and receiving, etc.; the business layer includes authorization management module, lua rule engine module, storage management module, configuration management module and nginx interface management module, which can realize waf rule business ; The nginxhttp proxy layer is connected to the business layer through the nginx interface management module.

[0038] Preferably, Nginx is developed using pure C language, which has good cross...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a web application firewall system based on nginx + Lua. The web application firewall system comprises a nginx HTTP proxy layer and a service layer; the nginx HTTP proxy layer comprises a protocol analysis module, a connection management module, a module scheduling module and an internal memory management module; the service layer comprises an authorization management module, a lua rule engine module, a storage management module, a configuration management module and a nginx interface management module; the nginx HTTP proxy layer and the service layer are connected through the nginx interface management module. The web application firewall system provided by the invention can effectively and flexibly defend web application attacks.

Description

technical field [0001] The invention relates to the field of network security intrusion detection, in particular to an nginx+lua-based web application firewall system and an implementation method thereof. Background technique [0002] The purpose of web application firewall (waf) is to enhance the security of web applications and protect web applications from known and unknown attacks. At present, the world's largest web server is none other than apache, and its development time is very long. It is precisely for this reason that the current mainstream web firewalls generally use the technical solution of apache+modsecurity. modsecurity is an open source project that can be shipped as a module of the Apache web server or as a stand-alone application. [0003] However, the apache+modsecurity mode has the following problems: [0004] First, there is a bottleneck in apache web server performance. The Apache server has been around for too long. In the era of its rise, the sca...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0263
Inventor 王琦张木连刘坤朋张冬青
Owner FUZHOU BOKE WANGAN INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap