a project of Open Source by Tonkünstler-on-the-Bund
nG-SetEnvIf was created as a fork of the nG Firewall that replicates its functionality in Apache httpd using mod_setenvif
and tracks upstream release. The trade-off is between the efficiency gained over mod_rewrite
and having to defer to any existing rewrite rules (eg for permalink settings).
The focus being on performance, no logging facility is provided in addition to httpd's native logs. Backreference support has been removed to minimise memory footprint.
Note
httpd's default behaviour (eg MergeSlashes) overrides certain rules.
Warning
Test with mod_rewrite before deploying nG-SetEnvIf.
Use case: httpd.conf
Requires: mod_setenvif
, mod_authz_core
, mod_log_config
Docs: Apache Module mod_setenvif, and see the discussion here
Recipes: Post-quantum KEM, URL normalisation, block AI crawlers, block spam emails, disable mod_rewrite
(WP), rate-limiting (WP), integration with Cloudflare
Known issues: See project Wiki
Upstream: 8G v1.3, courtesy of Jeff Starr
Idea for fork: Port these rules to Cloudflare's free-tier WAF
Our Sponsor: