External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-29 16:15:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update: [Sun Dec 22 00:28:28 UTC 2024]

Browse Source
This commit is contained in:
github-actions[bot]
2024-12-22 00:28:28 +00:00
parent b05a7d87c2
commit 1e4bb70b5d
50 changed files with 428 additions and 577 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
waf_patterns/nginx/attack.conf
View File

@@ -42,7 +42,7 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "@rx ^[^sx0b,;]+[sx0b,;].*?(?:application/(?:.++)?json|(?:application/(?:soap+)?|text/)xml)") {
if ($request_uri ~* "@rx ^[^sv,;]+[sv,;].*?(?:application/(?:.++)?json|(?:application/(?:soap+)?|text/)xml)") {
set $attack_detected 1;
}
@@ -62,7 +62,7 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "@rx ^[^sx0b,;]+[sx0b,;].*?b(?:((?:tex|multipar)t|application)|((?:audi|vide)o|image|cs[sv]|(?:vn|relate)d|p(?:df|lain)|json|(?:soa|cs)p|x(?:ml|-www-form-urlencoded)|form-data|x-amf|(?:octe|repor)t|stream)|([+/]))b") {
if ($request_uri ~* "@rx ^[^sv,;]+[sv,;].*?b(?:((?:tex|multipar)t|application)|((?:audi|vide)o|image|cs[sv]|(?:vn|relate)d|p(?:df|lain)|json|(?:soa|cs)p|x(?:ml|-www-form-urlencoded)|form-data|x-amf|(?:octe|repor)t|stream)|([+/]))b") {
set $attack_detected 1;
}
@@ -86,6 +86,10 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "@rx TX:paramcounter_(.*)") {
set $attack_detected 1;
}
if ($request_uri ~* "@rx (][^]]+$|][^]]+[)") {
set $attack_detected 1;
}
@@ -114,7 +118,7 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "!@rx ^(?:(?:*|[^!") {
if ($request_uri ~* "!@rx ^(?:(?:*|[^!-") {
set $attack_detected 1;
}
@@ -122,10 +126,6 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "@rx [^x21-x7E][x21-x39x3B-x7E]*:") {
set $attack_detected 1;
}
if ($attack_detected = 1) {
return 403;
}