Announcement

Collapse
No announcement yet.

NGINX captcha

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • NGINX captcha

    Is there anyone that has tried NGINX captcha in 2.6.x?
    Will the installation interfere with other services on the server? Will it reduce load in general on the server? Anyone tested it on a DoS attack?
    How much faster is it then using apache for loading it?

    Hope either customers or CL staff could give some more information on one or more question.

  • #2
    Good day! Thank you for your question.
    First let me explain the difference. Nginx captcha is simply nginx server returning captcha page as a set of static assets. Nothing more. It should not interfere with any other services on the server because its just separate process listening on different, non-standard ports.
    Because all it does is returning captcha page, we dont think itll substantially change the overall server load. Neverheless, because nginx is very good at serving static assets we believe itll improve the overall server performance when the captcha page is repeatedly requested.
    As for DOS attacks, we know that no server can stand serious DOS attack. But nginx can stand much, much higher request rates without any difficulties, especially when serving static content, compared to previous captcha.

    We cannot directly compare nginx and apache for serving static content. Both servers can do it efficiently. But as apache is an application server (in the shared hosting environment), the cost of request processing for it is much higher than for nginx, because apache workers embed interpreters, use many modules and so on, while nginxs dont. Thats why nginx is usually placed in front of apache for serving static content.

    Comment


    • #3
      > Is there anyone that has tried NGINX captcha in 2.6.x?

      We are working on collecting feedback for Nginx captcha. We will keep you updated.

      > Will the installation interfere with other services on the server?

      We repacked nginx captcha binaries separately from default nginx package. No package name, config, serving port or path conflicts are expected.

      > Will it reduce load in general on the server? Anyone tested it on a DoS attack?
      > How much faster is it then using apache for loading it?

      Thanks Igor Savenko for the above reply post. I hope that reply post answers your question.

      Comment


      • #4
        We can report that we can safely enable and disable the NGINX captcha without any issues. We thought we had an issue the first time we enabled it but upon close and exhaustive inspection and further testing we can see that is was just a coincidence (an unrelated syntax error in apache config). In fact, it leaves apache completely configuration untouched.

        We are running mod_lsapi and have wondered if NGINX is in anyway faster but we havent been able to figure out a way to test it where we see any difference. Id be interested in knowing if NGINX would present any benefit over mod_lsapi and would be happy to test all three configurations if someone could point out a way to measure.

        At least we can say it has no noticeable negative impact.

        Comment


        • #5
          Hello,

          You can experience Nginx interaction in a case, if you add a domain to whitelisted domains list, and IP, you are connecting from, was put on graylist for other domain. Then you may find Server:nginx/1.12.1 in http response header. Nginx works here as reverse proxy with no aim to boost apache/mod_lsapi or litespeed webserver performance.

          Comment

          Working...
          X