This is the thing, I was bored so I start to rewrite several parts of the code of my site, right now, for security checks, there are some things done by the php code and others by mod_rewrite, for instance, many of the RFI, LFI, XSS attempts are avoided thanks to mod_rewrite.
As I was rewriting things I started to wondering what is faster, mod_rewrite or php while doing the security checks, so you can understand me better, I'll use an example:
A simple check for the user agent send in the request (just for example purposes)...
Doing it with mod_rewrite will be like:
Code: Select all
RewriteCond %{HTTP_USER_AGENT} ^.*(curl|wget|libwww).* [NC]
RewriteRule ^(.*)$ - [F]
Code: Select all
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$bad_user_agents = array("curl", "wget", "libwww");
for ($bad_user_agents as $value) {
if ( stristr($user_agent, $value) == true ) {
#Something is done, sending a 403 code, redirecting to a logger or the like.
}
}
I'm thinking in the request itself and how it's processed by both methods:
Using mod_rewrite:
The request is recieved by apache, apache pass this request to mod_rewrite which start to looping the user agent string to see if it contains wget, curl or libwww. Checking is done and mod_rewrite sends a response to apache which then will send the request to the php script so the request can finally be processed.
Using php:
Apache recieves the request, pass it to the php script which start looping the user agent for several defined strings, if stristr returns a match, something is done to avoid the process of the request send by a bad user agent, if not, the request gets processed by the rest of the script.
So which engine will generate a response faster? (based on the way the request is processed)
Also I've no problem to read any external source so if you just point me to the right direction where I can find such information will be appreciated.