patterns/waf_patterns/nginx/leakages.conf

# Nginx WAF rules for LEAKAGES
# Automatically generated from OWASP rules.
# Include this file in your server or location block.

map $request_uri $waf_block_leakages {
    default 0;
    "~*^#!s?/" 1;
    "~*(?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)" 1;
    "~*^5d{2}$" 1;
}

if ($waf_block_leakages) {
    return 403;
    # Log the blocked request (optional)
    # access_log /var/log/nginx/waf_blocked.log;
}
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`# Nginx WAF rules for LEAKAGES`
nginx generation improved 2025-01-16 13:49:54 +01:00			`# Automatically generated from OWASP rules.`
			`# Include this file in your server or location block.`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00
nginx generation improved 2025-01-16 13:49:54 +01:00			`map $request_uri $waf_block_leakages {`
			`default 0;`
			`"~*^#!s?/" 1;`
			`"~(?:<(?:TITLE>Index of.?<H\|title>Index of.*?<h)1>Index of\|>[To Parent Directory]</[Aa]><br>)" 1;`
			`"~*^5d{2}$" 1;`
			`}`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00
nginx generation improved 2025-01-16 13:49:54 +01:00			`if ($waf_block_leakages) {`
			`return 403;`
			`# Log the blocked request (optional)`
			`# access_log /var/log/nginx/waf_blocked.log;`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`}`
nginx generation improved 2025-01-16 13:49:54 +01:00