Security / Varnish

Varnish as Web Application Firewall

by ,

We have by far the largest RPM repository with dynamic stable NGINX modules and VMODs for Varnish 4.1 and 6.0 LTS. If you want to install NGINX, Varnish, and lots of useful modules for them, this is your one-stop repository to get all performance-related software.
You have to maintain an active subscription in order to be able to use the repository!

There is Varnish Security Firewall project, but you can do something really simple in your VCL to protect your application:

Send a 403 to requests that contain the following characters in the url: ",',<,>,(, and ). Place in vcl_recv:

if (req.url ~ "[\x27<>()\x22]") {
    return (synth(403, "Forbidden"));

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.