External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-29 16:15:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update: [Thu Feb 27 01:41:26 UTC 2025]

Browse Source
This commit is contained in:
github-actions[bot]
2025-02-27 01:41:26 +00:00
parent 02b100fdb2
commit 87d028e20c
9 changed files with 2384 additions and 2376 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
waf_patterns/nginx/bots.conf
View File

@@ -618,6 +618,7 @@ map $http_user_agent $bad_bot {
"~*MVAClient" 1;
"~*MacOutlook\/" 1;
"~*Mag-Net" 1;
"~*MagentaNews\/" 1;
"~*Magnet" 1;
"~*MagpieRSS" 1;
"~*Mail.RU_Bot" 1;
@@ -1572,6 +1573,7 @@ map $http_user_agent $bad_bot {
"~*khttp\/" 1;
"~*knows\.is" 1;
"~*kouio" 1;
"~*krawler\.dk" 1;
"~*kube-probe" 1;
"~*kubectl" 1;
"~*kulturarw3" 1;

508
waf_patterns/nginx/waf_maps.conf
View File

File diff suppressed because one or more lines are too long

80
waf_patterns/nginx/waf_rules.conf
View File

@@ -3,67 +3,37 @@
# Include this file inside server block
# WAF rules
if ($waf_block_lfi) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_initialization) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_generic) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_exceptions) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_rfi) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_attack) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_php) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_fixation) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_rce) {
if ($waf_block_rfi) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_sql) {
if ($waf_block_lfi) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_java) {
if ($waf_block_generic) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
@@ -75,13 +45,7 @@
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_sqli) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_leakages) {
if ($waf_block_sql) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
@@ -93,12 +57,42 @@
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_exceptions) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_xss) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_php) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_sqli) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_java) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_rce) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_iis) {
return 403;
# Log the blocked request (optional)
@@ -117,3 +111,9 @@
# access_log /var/log/nginx/waf_blocked.log;
}
if ($waf_block_leakages) {
return 403;
# Log the blocked request (optional)
# access_log /var/log/nginx/waf_blocked.log;
}