patterns/waf_patterns/nginx/leakages.conf

# Nginx WAF rules for LEAKAGES
location / {
    set $attack_detected 0;

    if ($request_uri ~* "(?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "^5d{2}$") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "^#!s?/") {
        set $attack_detected 1;
    }

    if ($attack_detected = 1) {
        return 403;
    }
}
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`# Nginx WAF rules for LEAKAGES`
			`location / {`
			`set $attack_detected 0;`

Update: [Thu Jan 16 00:26:08 UTC 2025] 2025-01-16 00:26:08 +00:00			`if ($request_uri ~* "(?:<(?:TITLE>Index of.?<H\|title>Index of.?<h)1>Index of\|>[To Parent Directory]</[Aa]><br>)") {`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`set $attack_detected 1;`
			`}`

Update: [Thu Jan 16 00:26:08 UTC 2025] 2025-01-16 00:26:08 +00:00			`if ($request_uri ~* "^5d{2}$") {`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`set $attack_detected 1;`
			`}`

Update: [Thu Jan 16 00:26:08 UTC 2025] 2025-01-16 00:26:08 +00:00			`if ($request_uri ~* "^#!s?/") {`
Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024] 2024-12-21 00:30:30 +00:00			`set $attack_detected 1;`
			`}`

			`if ($attack_detected = 1) {`
			`return 403;`
			`}`
			`}`