From SEnginx
Jump to: navigation, search


Configuration Examples
Configuration for L7 DDoS Mitigation

Module Documentation

We document here the features that only SEnginx provides, we don't document the original features from nginx, you can find that information at:

Module/Feature Description
Application Delivery
TCP Proxy and Load Balancing Integrates nginx_tcp_proxy_module
Enhanced "if" Direcitve in Rewrite Module Enhances original "if" directive to support multi-condition.
Dynamic DNS Resolve in Upstream Resolves domain names in upstream block and proxy_pass when connecting to backend servers.
Proxy HTTPS Client Certificate Support proxying to a client-verification enabled backend server and HTTPS mutual authentication
Fastest Load Balancing Algorithm An algorithm that chooses the fastest response backend server
Fair Load Balancing Alogorithm Integrate nginx-upstream-fair module
Session Persistence Provides session persistence functionality in 3 ways.
Caching Based on MIME Type Introduces response MIME type filter in nginx's proxy cache feature.
Server Health Monitor Based on tengine's upstream check module and additionally supports fair and fastest load balancing algorithm.
Web Security
IP Access Behavior Module Provides the functionality that detects user's access behavior, the result can be used by other modules
Conditional limit_req module Based on tengine's limit_req module, enhanced with condition-based limitation
HTTP Robot Mitigation Provides robot mitigation functionality, including defence for HTTP DDoS, vulnerability scanning and other crawlers.
Dynamic IP Blacklist Dynamic blacklist based on source IP address
User-Agent Whitelist with DNS Reverse Resolve Whitelist based on user-agent header in HTTP request, with DNS reverse resolve function
Cookie Poisoning Provides anti cookie poisoning feature
Web Defacement Detects the web pages are defaced or not, if so the pages could be recover
Naxsi Open source whitelist-rule-based WAF module
ModSecurity nginx portion of Apache mod_security
Secure Session Mechanism Provides the functionlity to mark HTTP requests as a logical session, could be used by other security modules to implement their functions
NetEye Security Layer NetEye security layer, base framework for most security modules in SEnginx, responses for calling modules and handling actions and sending logs, etc
Syslog Support Supports exporting logs (access_log and error_log) to local syslog daemon.
Statistics Support exporting statistics data via JSON format.
Retrieved from ""
Personal tools

In other languages
  • 中文
  • What links here
  • Related changes
  • Special pages
  • Printable version