Hello! On Tue, Jan 30, 2024 at 10:28:23AM +0200, Clima Gabriel wrote:
> Greetings fellow nginx-devs, > It looks to me as if an attacker could force the server to use up a large > amount of resources doing ngx_http_regex_exec if the server were to be > configured with a relatively large number of regex server_names. > I would appreciate any ideas on the topic, especially suggestions as to how > some form of caching could be implemented for the responses, so that the > server didn't have to execute the ngx_http_regex_exec on subsequent > requests. Not using "large number of regex server_names" might be the best solution available here. Requests are not required to be to the same virtual server, and caching won't generally work. -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
