alexazhou/VeryNginx


A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Control Panel, and Dashboards.

License: LGPL-3.0

Language: Lua


VeryNginx

VeryNginx is a very powerful and friendly nginx .

中文文档

###Notice After v0.2 , The entry uri of control panel was moved to /verynginx/index.html

##Description

VeryNginx is based on lua_nginx_module(openrestry). It implements advanced firewall(waf), access statistics and some other features. It strengthens the Nginx's functions, and provides a friendly Web interface.

VeryNginx online demo

User / Password: verynginx / verynginx

The full version of config guide can be found on: VeryNginx Wiki .

###Nginx run status analyzing

  • Request per second
  • Response time
  • Net Traffic
  • Tcp connectinn num

Nginx status

###Custom Action

VeryNginx supports custom actions, which can do a lot of things.

Custom action consists of two parts, Matcher and Action . Matcher is used to test whether a request meets the rule, Action is the logic you want to run.

The advantage of this design is that the Matcher includes all select rule, and can be reused, making use of rules to describe a very complex logic possible.

####Matcher

A Matcher is used to select a part of all requests, a Matcher may contain one or more condition. The following conditions are currently supported:

  • Client IP
  • Host
  • UserAgent
  • URI
  • Referer
  • Request Args

When a request does not conflict with any of the conditions of the Matcher, the request will be selected by the Matcher

####Action

Every Action refers to a Matcher , and will run on the requests selected by the Matcher

Now we have these Actions

  • Scheme Lock lock the scheme to http/https
  • Redirect Redirect request
  • URI Rewrite Do internal rewrite on the request
  • Browser Verify Use set-cookies and javascript to verify the client is a browser,and block traffic of the robot. This action may block the spider of search engine, so please enable it when under attack only.
  • Frequency Limit Limit max request time in a specified time period
  • Filter Block some request, can do the WAF

Matcher can select requests by multiple conditions, so with Filter Action, we got a powerful waf. The waf can filter requests with complex rules and return special status code when it block a request.

VeryNginx presets some simple filter rules, which can prevent simple SQL injection, Git and SVN file disclosure, directory traversal attacks and common scanning tool.

VeryNginx Matcher

VeryNginx filter

####Backend

Every Backend refers to a Matcher,and will handle the requests selected by the Matcher

Now we have these Backend

  • Proxy Pass Proxy the request to other server
  • Static File Use local file to handle the request file

###Request statistics

VeryNginx can record the request of URI, include these data of every URI:

  • All Request Count
  • Request count of every status code
  • Total Bytes
  • Avg Bytes
  • Total response time
  • Avg reqponse time

request statistics

##Installation

Install Nginx / OpenResty

VeryNginx is based on OpenResty, so you need to install it first. But don't warry, VeryNginx gives a script to do it automatically.

python install.py install

Just run this command, openresty and verynginx will be installed automatically.

####Want using custom nginx?

VeryNginx can install openresty automatically so that you needn't install nginx(openresty) manually.

But if you want use a nginx compiled by you self, that also ok. You can see that for some help

Use-own-nginx

Usage

Edit nginx configuration file

The configuration file of VeryNginx is /opt/verynginx/openresty/nginx/conf/nginx.conf, that's a demo. It just can let verynginx run so that you can see the dashboard of verynginx. If you want do something really useful, you need edit that file and add your own nginx configuration into it.

This configuration file add three include command to embeded verynginx into original nginx( openresty )

  • include /opt/verynginx/verynginx/nginx_conf/in_external.conf;
  • include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf;
  • include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf;

These include command were placed outside a block, block http internal configuration, server configuration block inside, Remenber keep these three line when modifying. If you add a new Server configuration block or http configuration block, also need add suitable include line into it.

Start / Stop / Restart Service

#Start Service
/opt/verynginx/openresty/nginx/sbin/nginx

#Stop Service
/opt/verynginx/openresty/nginx/sbin/nginx -s stop

#Restart Service
/opt/verynginx/openresty/nginx/sbin/nginx -s reload

Configure VeryNginx on dashboard

After the service begin running, you can see server status and do config on dashboard.

The address of dashboard is http://{{your_machine_address}}/verynginx/index.html.

Default user and password is verynginx / verynginx. You should be able to work through all the options now.

The full version of config guide can be found in VeryNginx Wiki .

Trouble Shooting

If you have any problems during installation / configuration / use , you can refer the Trouble Shooting document.

Trouble Shooting

Tips

  • New configs will be effective immediately upon saving. It's not necessary to restart or reload nginx.

  • When you save config, VeryNginx will write all configs to /opt/verynginx/verynginx/configs/config.json.

  • If the chat in status page is stuck, you can click the gear icon in the upper right corner to turn off animation

  • If you lock yourself out of VeryNginx by doing something stupid, you can always delete config.json to revert VeryNginx to its default.

###Update VeryNginx / OpenResty

Over time, VeryNginx own will evolve, and can also support newer version of OpenResty. New version of VeryNginx might support some new features or fix some old bugs. If you want to update locally installed VeryNginx, you just need pull the latest code from github to local, and run the following commands:

#Update VeryNginx
python install.py update verynginx

#Update OpenResty
python install.py update openresty

install.py will keep the old config.json and nginx.conf during update. So that you will not lost configuration after update.

Build VeryNginx docker Image

After cloning code to your local filesystem, you can run the following commands:

cd Docker  
docker build -t verynginx .
docker run verynginx

Then you can navigate to your browser http://{{your_docker_machine_address}}/verynginx/index.html

Optionally you can run docker run -p xxxx:80 verynginx to map your container port 80 to your host's xxxx port

Donate

If you like VeryNginx, you can donate to support my development VeryNginx. With your support, I will be able to make VeryNginx better 😎.

PayPal

Support VeryNginx via PayPal

We Chat

Scan the QRcode to support VeryNginx.

Thanks

VeryNginx thanks for the help

###Enjoy~

[^openresty]: OpenResty Openresty is a enhanced nginx,bundle standard nginx core and lots of 3rd-party nginx module.

Project Statistics

Sourcerank 9
Repository Size 628 KB
Stars 4,382
Forks 681
Watchers 257
Open issues 82
Dependencies 1
Contributors 14
Tags 17
Created
Last updated
Last pushed

Top Contributors See all

AlexaZhou Gin Hex Ajay Kemparaj jiaxin halfcrazy niinaranpo Wexpo Lyu imlonghao uudiin linpeixun Alan Chan Tim Wang Xinyue Lu

Recent Tags See all

v0.3.3 August 14, 2016
v0.3.2 May 27, 2016
v0.3.1 May 05, 2016
v0.3 May 01, 2016
v0.21 April 30, 2016
v0.2.1 April 30, 2016
v0.2 March 17, 2016
v0.2-beta6 March 10, 2016
v0.2-beta5 March 09, 2016
v0.2-beta4 February 27, 2016
v0.2-beta3 February 22, 2016
v0.2-beta2 February 21, 2016
v0.2-beta1 February 21, 2016
v0.1-beta4 February 21, 2016
v0.1-beta3 February 17, 2016

Interesting Forks See all

danielCheuang/VeryNginx
A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Con...
Lua - LGPL-3.0 - Updated - 1 stars
longtian/VeryNginx
A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Con...
Lua - Last pushed - 1 stars
chris-ss/VeryNginx
A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Con...
Lua - LGPL-3.0 - Updated - 1 stars
opser-gavin/VeryNginx
A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Con...
Lua - Updated - 1 stars
ZhouLiHai/VeryNginx
A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Con...
Lua - Updated - 1 stars

Something wrong with this page? Make a suggestion

Last synced: 2017-04-17 09:42:42 UTC

Login to resync this repository