Documentation
From SEnginx
HOWTO
Installation
Configuration Examples
Configuration for L7 DDoS Mitigation
Module Documentation
We document here the features that only SEnginx provides, we don't document the original features from nginx, you can find that information at: http://nginx.org/en/docs/
| Module/Feature | Description |
| Application Delivery | |
| TCP Proxy and Load Balancing | Integrates nginx_tcp_proxy_module |
| Enhanced "if" Direcitve in Rewrite Module | Enhances original "if" directive to support multi-condition. |
| Dynamic DNS Resolve in Upstream | Resolves domain names in upstream block and proxy_pass when connecting to backend servers. |
| Proxy HTTPS Client Certificate | Support proxying to a client-verification enabled backend server and HTTPS mutual authentication |
| Fastest Load Balancing Algorithm | An algorithm that chooses the fastest response backend server |
| Fair Load Balancing Alogorithm | Integrate nginx-upstream-fair module |
| Session Persistence | Provides session persistence functionality in 3 ways. |
| Caching Based on MIME Type | Introduces response MIME type filter in nginx's proxy cache feature. |
| Server Health Monitor | Based on tengine's upstream check module and additionally supports fair and fastest load balancing algorithm. |
| Web Security | |
| IP Access Behavior Module | Provides the functionality that detects user's access behavior, the result can be used by other modules |
| Conditional limit_req module | Based on tengine's limit_req module, enhanced with condition-based limitation |
| HTTP Robot Mitigation | Provides robot mitigation functionality, including defence for HTTP DDoS, vulnerability scanning and other crawlers. |
| Dynamic IP Blacklist | Dynamic blacklist based on source IP address |
| User-Agent Whitelist with DNS Reverse Resolve | Whitelist based on user-agent header in HTTP request, with DNS reverse resolve function |
| Cookie Poisoning | Provides anti cookie poisoning feature |
| Web Defacement | Detects the web pages are defaced or not, if so the pages could be recover |
| Naxsi | Open source whitelist-rule-based WAF module |
| ModSecurity | nginx portion of Apache mod_security |
| Secure Session Mechanism | Provides the functionlity to mark HTTP requests as a logical session, could be used by other security modules to implement their functions |
| NetEye Security Layer | NetEye security layer, base framework for most security modules in SEnginx, responses for calling modules and handling actions and sending logs, etc |
| Management | |
| Syslog Support | Supports exporting logs (access_log and error_log) to local syslog daemon. |
| Statistics | Support exporting statistics data via JSON format. |
