2024-12-21 00:30:30 +00:00
# Nginx WAF rules for FIXATION
location / {
set $attack_detected 0;
2025-01-12 00:29:42 +00:00
if ($request_uri ~* "^(?:jsessionid|aspsessionid|asp.net_sessionid|phpsession|phpsessid|weblogicsession|session_id|session-id|cfid|cftoken|cfsid|jservsession|jwsession)$") {
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
2025-01-12 00:29:42 +00:00
if ($request_uri ~* "!@endsWith %{request_headers.host}") {
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
2025-01-12 00:29:42 +00:00
if ($request_uri ~* "(?i:.cookieb.*?;W*?(?:expires|domain)W*?=|bhttp-equivW+set-cookieb)") {
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
2025-01-12 00:29:42 +00:00
if ($request_uri ~* "^(?:ht|f)tps?://(.*?)/") {
2024-12-21 00:30:30 +00:00
set $attack_detected 1;
}
2025-01-10 00:27:14 +00:00
if ($request_uri ~* "@eq 0") {
2025-01-08 00:26:52 +00:00
set $attack_detected 1;
}
2024-12-21 00:30:30 +00:00
if ($attack_detected = 1) {
return 403;
}
}
