<br><div class="gmail_quote">On 28 May 2011 15:31, pk899 <span dir="ltr"><<a href="mailto:nginx-forum@nginx.us">nginx-forum@nginx.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Thanks. The RBL checking in Apache (via mod security) can happen in very<br>
specific manner. I could specify that they check only specific arguments<br>
(the very precise "input" field in the html) in a very specific page<br>
("postcommentform.php").<br></blockquote><div> </div><div>There is no module like this for nginx that I'm aware of but you can probably find application-level libraries to do it. The fewer conditionals at the HTTP server level the better.</div>
<div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
Similarly, sure, the application needs to be smartly coded to prevent<br>
against injections. But mod_security enables blocking this at a much<br>
earlier phase in the web transaction. And it's easy to control this a<br>
bit better at the hosting level.<br>
<br></blockquote><div>If it's important then leave it on Apache with your web application. It will still do what it does upstream of nginx.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Clearly, I am looking at nginx not only as a "speed option", but as a<br>
replacement for Apache. Several blogs online say that they have moved to<br>
nginx. I am trying to see how. Apache is sadly bloated but thanks to<br>
mod_security etc it's a very, very practical modern solution.<br></blockquote><div><br></div><div>IMO its bloat is not helped by being piled with high with modules. This is where nginx comes in, and being relatively free of modules was one of its selling points for me. </div>
<div><br></div><div><br></div></div>