Thanks for being here, come back soon. Get notified of new posts:

Subscription confirmed. Thank you for subscribing!


August 23, 2013 6:31AM

CloudFlare's new WAF: compiling to Lua

NGINX WAF Reliability

We use nginx throughout our network for front-line web serving, proxying and traffic filtering. In some cases, we've augmented the core C code of nginx with our own modules, but recently we've made a major move to using Lua in conjunction with nginx. One project that's now almost entirely written in Lua is the new CloudFlare WAF that we blogged about the other day. The Lua WAF uses the nginx Lua module to embed Lua code and execute that code as part of the normal nginx handling of phases. The entire execution of the WAF is actually handled by the following nginx configuration: location / { set $backend_waf "WAF_CORE"; default_type 'text/plain'; access_by_lua ' local waf = require "waf" waf.execute() '; } The access_by_lua directive tells nginx to...

More Posts