SEnginx Pro
SEnginx Pro has performance improvements and advanced anti-ddos functions SEnginx does not have. Also SEnginx Pro has additional anti-ddos config parameters.
SEnginx Pro is based on nginx 1.22.1.
SEnginx Pro is not free.
SEnginx Pro differences from SEnginx
- Improved structure and performance of IP blacklist module operating on the front line of anti-ddos fighting.
- Anti-ddos protection against bots using fake IP address in the "x-forwarder-for" request field.
- Improved blocking IP address in "sys" mode. After successfull call the system command, the IP address also blocked for some time in the "local" mode to reject all other concurrent requests from IP address and close the connection.
- Additional config options for the flexible bots detection and banning.
- Anti-ddos and anti bots protection based on custom rules. This also provides effective protection against the advanced bots who can pass SEnginx automatic robot mitigation checks.
- Improved algorithm of processing a successfull robot test. If a client passed a check the corresponding blacklist counter decreases right at the moment instead of at the next check. These changes decrease the risk of banning the human clients under some configs.
- Improved robot detection algorithm for the POST requests. These changes significantly reduce the good server replies for the bad clients (ddos attackers) using POST requests.
- Integrated Naxsi can add bots to the SEnginx blacklist.
- Robot mitigation processing log at the info level of the error_log. This log is useful for testing and setting anti bot and anti ddos configs.
- Latest nginx.
SEnginx Pro extra config options
- ip_blacklist_use_remote_addr directive.
- ip_blacklist_timeout directive for server and location config.
- ip_blacklist_ttl directive for server and location config.
- ip_blacklist_syscmd with timeout parameter as second argument for the system command.
- naxsi_blacklist directive.
- robot_mitigation_force_update_blacklist directive.