External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-17 17:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/nginx/evaluation.conf

225 lines
4.2 KiB
Plaintext
Raw Blame History

# Nginx WAF rules for EVALUATION
location / {
set $attack_detected 0;
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge %{tx.inbound_anomaly_score_threshold}") {
set $attack_detected 1;
}
if ($request_uri ~* "@eq 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge %{tx.inbound_anomaly_score_threshold}") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge %{tx.outbound_anomaly_score_threshold}") {
set $attack_detected 1;
}
if ($request_uri ~* "@eq 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@ge %{tx.outbound_anomaly_score_threshold}") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 1") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 2") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 3") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 4") {
set $attack_detected 1;
}
if ($request_uri ~* "@lt 4") {
set $attack_detected 1;
}
if ($attack_detected = 1) {
return 403;
}
}
Reference in New Issue View Git Blame Copy Permalink