External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-29 16:15:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update: [Tue Jan 14 00:25:28 UTC 2025]

Browse Source
This commit is contained in:
github-actions[bot]
2025-01-14 00:25:28 +00:00
parent 505af665ab
commit 7a8b6a4959
38 changed files with 3554 additions and 3554 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
waf_patterns/nginx/fixation.conf
View File

@@ -6,22 +6,22 @@ location / {
set $attack_detected 1;
}
if ($request_uri ~* "^(?:ht|f)tps?://(.*?)/") {
set $attack_detected 1;
}
if ($request_uri ~* "^(?:jsessionid|aspsessionid|asp.net_sessionid|phpsession|phpsessid|weblogicsession|session_id|session-id|cfid|cftoken|cfsid|jservsession|jwsession)$") {
set $attack_detected 1;
}
if ($request_uri ~* "!@endsWith %{request_headers.host}") {
set $attack_detected 1;
}
if ($request_uri ~* "^(?:ht|f)tps?://(.*?)/") {
set $attack_detected 1;
}
if ($request_uri ~* "(?i:.cookieb.*?;W*?(?:expires|domain)W*?=|bhttp-equivW+set-cookieb)") {
set $attack_detected 1;
}
if ($request_uri ~* "^(?:jsessionid|aspsessionid|asp.net_sessionid|phpsession|phpsessid|weblogicsession|session_id|session-id|cfid|cftoken|cfsid|jservsession|jwsession)$") {
set $attack_detected 1;
}
if ($attack_detected = 1) {
return 403;
}