Varnish as Web Application Firewall


📅 Updated: July 27, 2023 (Originally published: May 16, 2017)

There is a Varnish Security Firewall project, but you can do something really simple in your VCL to protect your application:

Send a 403 response to any request whose URL contains one of the following characters: ", ', <, >, (, or ). Place this in vcl_recv:

if (req.url ~ "[\x27<>()\x22]") {
    return (synth(403, "Forbidden"));
}
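
An added example, not part of the original post: a Python dry run of the same character class over access-log lines, to see before enabling the rule which existing URLs would start receiving a 403 and which carry the same characters percent-encoded (Varnish matches req.url as received, without decoding it). The log lines are constructed, and the names verdict, dry_run and SAMPLE_LOG are assumptions of this example.

```python
import re
from urllib.parse import unquote

# Character class from the VCL rule; \x27 is ' and \x22 is ", as in PCRE.
RULE = re.compile(r"[\x27<>()\x22]")
# Request line of a combined-format access log entry: "METHOD URL PROTOCOL".
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '203.0.113.5 - - [27/Jul/2023:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '203.0.113.5 - - [27/Jul/2023:10:00:01 +0000] "GET /wiki/Varnish_(software) HTTP/1.1" 200 2048',
    '198.51.100.7 - - [27/Jul/2023:10:00:02 +0000] "GET /search?q=<b>x</b> HTTP/1.1" 200 128',
    '198.51.100.7 - - [27/Jul/2023:10:00:03 +0000] "GET /search?q=%3Cb%3Ex HTTP/1.1" 200 128',
    '198.51.100.9 - - [27/Jul/2023:10:00:04 +0000] "GET /item?id=1%27 HTTP/1.1" 200 64',
]


def verdict(url):
    """Classify one request URL as the rule would treat the raw req.url."""
    if RULE.search(url):
        return "blocked"          # the VCL rule would return synth(403)
    # One round of percent-decoding, to surface what the raw match cannot see.
    if RULE.search(unquote(url)):
        return "passes-encoded"
    return "clean"


def dry_run(log_lines):
    """Group the URLs found in the log lines by verdict, keeping log order."""
    results = {"blocked": [], "passes-encoded": [], "clean": []}
    for line in log_lines:
        match = REQUEST.search(line)
        if match:                 # lines without a request line are skipped
            results[verdict(match.group(1))].append(match.group(1))
    return results


if __name__ == "__main__":
    for outcome, urls in dry_run(SAMPLE_LOG).items():
        print(f"{outcome:15} {len(urls)}  {urls}")
```

URLs listed under blocked that belong to normal traffic, such as the path with parentheses, are the false positives to resolve before the rule goes into vcl_recv.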
