Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]

waf_patterns/nginx/exceptions.conf

@@ -0,0 +1,28 @@
+# Nginx WAF rules for EXCEPTIONS
+location / {
+    set $attack_detected 0;
+
+    if ($request_uri ~* "@streq GET /") {
+        set $attack_detected 1;
+    }
+
+    if ($request_uri ~* "@ipMatch 127.0.0.1,::1") {
+        set $attack_detected 1;
+    }
+
+    if ($request_uri ~* "@ipMatch 127.0.0.1,::1") {
+        set $attack_detected 1;
+    }
+
+    if ($request_uri ~* "@endsWith (internal dummy connection)") {
+        set $attack_detected 1;
+    }
+
+    if ($request_uri ~* "@rx ^(?:GET /|OPTIONS *) HTTP/[12].[01]$") {
+        set $attack_detected 1;
+    }
+
+    if ($attack_detected = 1) {
+        return 403;
+    }
+}