External/patterns

mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-17 17:55:48 +00:00

History

github-actions[bot] daeb6d2048 Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

..

attack.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

bots.conf

Update: [Sat Jan 4 00:25:48 UTC 2025]

2025-01-04 00:25:48 +00:00

correlation.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

detection.conf

Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:30:30 UTC 2024]

2024-12-21 00:30:30 +00:00

enforcement.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

evaluation.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

exceptions.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

fixation.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

generic.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

iis.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

initialization.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

java.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

leakages.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

lfi.conf

nginx generation improved

2025-01-16 13:49:54 +01:00

php.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

rce.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

README.md

nginx generation improved

2025-01-16 13:49:54 +01:00

rfi.conf

nginx generation improved

2025-01-16 13:49:54 +01:00

shells.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

sql.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

sqli.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

xss.conf

Update: [Fri Jan 17 00:25:08 UTC 2025]

2025-01-17 00:25:08 +00:00

README.md

Nginx WAF Rule Snippets

This directory contains Nginx WAF rule snippets generated from OWASP rules. You can include these snippets in your existing Nginx configuration to enhance security.

Usage

Include the rule snippets in your server or location block:

server {
    # Your existing configuration
    include /path/to/waf_patterns/nginx/*.conf;
}

Reload Nginx to apply the changes:

sudo nginx -t && sudo systemctl reload nginx

Notes

The rules use map directives for efficient pattern matching.
Blocked requests return a 403 Forbidden response by default.
You can enable logging for blocked requests by uncommenting the access_log line.