
Varnish as Web Application Firewall



There is the Varnish Security Firewall project, but you can do something really simple in your VCL to protect your application:

Send a 403 to requests that contain any of the following characters in the URL: ", ', <, >, ( and ). Place this in vcl_recv:

# Reject any request whose URL contains ' < > ( ) or "
if (req.url ~ "[\x27<>()\x22]") {
    return (synth(403, "Forbidden"));
}

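Before deploying the rule it helps to see what it does and does not cover. The following is an added example, not code from the original post: a Python model of the req.url match, run over constructed sample URLs. It assumes Python's re module treats this character class the same way Varnish's regex engine does; decoded_match is a hypothetical stricter variant that percent-decodes the URL first.

```python
import re
from urllib.parse import unquote

# Same character class as the VCL rule: ' < > ( ) "
RULE = re.compile(r"[\x27<>()\x22]")


def raw_match(url):
    """Model of `req.url ~ RULE`: the URL is matched exactly as received."""
    return RULE.search(url) is not None


def decoded_match(url):
    """Stricter variant (assumption, not in the post): percent-decode first."""
    return RULE.search(unquote(url)) is not None


def audit(urls):
    """Return {url: (raw verdict, decoded verdict)}, each 403 or 'pass'."""
    def verdict(hit):
        return 403 if hit else "pass"
    return {u: (verdict(raw_match(u)), verdict(decoded_match(u))) for u in urls}


# Constructed sample request URLs (path plus query string, as in req.url)
SAMPLES = [
    "/products?id=42",            # ordinary request
    "/search?q=<b>",              # literal angle brackets
    "/search?q=%3Cb%3E",          # same characters, percent-encoded
    "/wiki/Varnish_(software)",   # legitimate URL with parentheses
    "/blog/what's-new",           # legitimate URL with an apostrophe
]

if __name__ == "__main__":
    for url, (raw, dec) in audit(SAMPLES).items():
        print(f"{url:28} raw={raw!s:5} decoded={dec}")
```

The raw rule only sees literal characters, so percent-encoded forms pass it, and it also returns 403 for legitimate URLs that contain parentheses or apostrophes; review your application's URL scheme against both effects.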