Supercharge Your Innovation With Domain-Expert AI Agents!

Nginx-based WAF testing method

A testing method and mirroring technology, applied in the field of information security, can solve problems such as loss, customer inconvenience, affecting the normal operation of online business, and achieve the effect of eliminating unpredictable errors and avoiding impact.

Inactive Publication Date: 2018-10-16
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the impact of false positives after WAF goes online is inevitable, and it is likely to affect the normal operation of online business, causing inconvenience to customers and causing unnecessary losses.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Nginx-based WAF testing method
  • Nginx-based WAF testing method
  • Nginx-based WAF testing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0014] Such as figure 2 as shown, figure 2 Based on the principle of the Nginx mirror module (ngx_http_mirror_module), when the client accesses the business origin (Original) through the Nginx reverse proxy, the ngx_http_mirror_module module can copy the client’s access request to the Original as an access request to the mirror origin (Mirror) . The original response Nginx will forward to the customer service end, and the Mirror response will be discarded by Nginx when it reaches Nginx.

[0015] Such as image 3 as shown, image 3 For the WAF deployment and request processing process based on the mirror module, this part mainly explains the internal processing process of Nginx, and the external part of Nginx is the same as figure 1 , figure 2 Same. When the request reaches Nginx, the location will be matched inside Nginx, and the request will be processed differently according to different locations. When the request matches the Original location in the figure, while...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a Nginx-based WAF testing method, belonging to the field of information security. The Nginx-based WAF testing method comprises the following steps that when a client accesses Original through a Nginx proxy, a Nginx mirror module copies an access request of the client for Original as an access request of Mirror; when the request arrives Nginx, location is matched inside Nginx, and the request is processed differently according to different location; if the request is to be matched for Original location, the request is forwarded to Original in the Original location module, and a mirror request is also generated to match a Mirror location module. A real service environment and a real user request are mapped to a background mirror service, so that the running environment after release of WAF can be simulated completely, and WAF can be tested according to a real request of the user without affecting online services.

Description

technical field [0001] The embodiments of the present invention relate to the field of information security, and more specifically, the embodiments of the present invention relate to an Nginx-based WAF testing method. Background technique [0002] With the continuous development of computer technology, web applications are becoming more and more extensive. As a lightweight web server, Nginx has high-performance HTTP processing capabilities and reverse proxy functions, and is widely used as a WAF deployment server. WAF is the security guarantee of web applications, and its functions and performance must be fully tested before going online. Currently, WAF testing generally goes through two steps, offline testing and online testing. Offline mainly tests WAF function and performance. Generally, WAF function is tested through vulnerability platforms such as DVWA or offline simulated business environment, and WAF performance is tested through stress testing tools such as Jmeter....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/06H04L29/08
CPCH04L43/0817H04L63/0263H04L63/0281H04L67/1095H04L67/02H04L67/56
Inventor 冯其
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com