External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-17 17:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/nginx/iis.conf

25 lines
763 B
Plaintext
Raw Normal View History

Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]
2024-12-21 00:30:30 +00:00
# Nginx WAF rules for IIS
location / {
set $attack_detected 0;
Update: [Tue Jan 14 00:25:28 UTC 2025]
2025-01-14 00:25:28 +00:00
if ($request_uri ~* "!@rx ^404$") {
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
Update: [Tue Jan 14 00:25:28 UTC 2025]
2025-01-14 00:25:28 +00:00
if ($request_uri ~* "bServer Error in.{0,50}?bApplicationb") {
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
Update: [Tue Jan 14 00:25:28 UTC 2025]
2025-01-14 00:25:28 +00:00
if ($request_uri ~* "[a-z]:x5cinetpubb") {
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
Update: [Tue Jan 14 00:25:28 UTC 2025]
2025-01-14 00:25:28 +00:00
if ($request_uri ~* "(?:Microsoft OLE DB Provider for SQL Server(?:</font>.{1,20}?error '800(?:04005|40e31)'.{1,40}?Timeout expired| (0x80040e31)<br>Timeout expired<br>)|<h1>internal server error</h1>.*?<h2>part of the server has crashed or it has a configuration error.</h2>|cannot connect to the server: timed out)") {
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
if ($attack_detected = 1) {
return 403;
}
}
Reference in New Issue Copy Permalink