Loading...

Lua Workshop 2016: Lua's use in ModSecurity and other WAFs - Robert Paprocki (DreamHost)

191 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Dec 4, 2016

As web applications evolve and grow in complexity and ubiquity, the need to develop performant web application firewall (WAF) solutions as grown as well. This talk will focus on the history and use of Lua in open source WAF solutions. We will discuss how the Apache (and now platform-agnostic) ModSecurity leverages embeded Lua to provide rule authors a powerful extension to the ModSecurity DSL. We will also discuss how developments in the OpenResty community allow for the development of complex Lua applications in the context of the Nginx proxy ecosystem, and examine one such project (lua-resty-waf) in close detail, discussing performance, comparing its feature set with existing open source WAF projects, and discussing the role Lua and LuaJIT plays in optimizing execution times.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...