External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-18 02:05:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/caddy/enforcement.conf

5 lines
2.8 KiB
Plaintext
Raw Blame History

@block_enforcement {
path_regexp enforcement "(?i)(@lt 1|@lt 1|!@within %{tx.allowed_methods}|@lt 2|@lt 2|@lt 3|@lt 3|@lt 4|@lt 4|@lt 1|@lt 1|!@rx (?i)^(?:get /[^#?]*(?:?[^sx0b#]*)?(?:#[^sx0b]*)?|(?:connect (?:(?:[0-9]{1,3}.){3}[0-9]{1,3}.?(?::[0-9]+)?|[--9A-Z_a-z]+:[0-9]+)|options *|[a-z]{3,10}[sx0b]+(?:[0-9A-Z_a-z]{3,7}?://[--9A-Z_a-z]*(?::[0-9]+)?)?/[^#?]*(?:?[^sx0b#]*)?(?:#[^sx0b]*)?)[sx0b]+[.-9A-Z_a-z]+)$|!@rx (?i)^(?:&(?:(?:[acegilnorsuz]acut|[aeiou]grav|[aino]tild)e|[c-elnr-tz]caron|(?:[cgklnr-t]cedi|[aeiouy]um)l|[aceg-josuwy]circ|[au]ring|a(?:mp|pos)|nbsp|oslash);|[^|!@rx ^d+$|@rx ^(?:GET|HEAD)$|!@rx ^0?$|@rx ^(?:GET|HEAD)$|!@eq 0|!@within HTTP/2 HTTP/2.0 HTTP/3 HTTP/3.0|@streq POST|@eq 0|@eq 0|!@eq 0|!@eq 0|@rx (d+)-(d+)|@lt %{tx.1}|@rx b(?:keep-alive|close),s?(?:keep-alive|close)b|@rx x25|@rx ^(.*)/(?:[^?]+)?(?.*)?$|@validateUrlEncoding|!@rx ^.*%.*.[^sx0b.]+$|@validateUrlEncoding|@eq 1|@validateUtf8Encoding|@rx (?i)%uff[0-9a-f]{2}|@validateByteRange 1-255|@eq 0|@rx ^$|@rx ^$|!@rx ^OPTIONS$|!@pm AppleWebKit Android Business Enterprise Entreprise|@rx ^$|!@rx ^OPTIONS$|@eq 0|@rx ^$|!@rx ^0$|@eq 0|@rx (?:^([d.]+|[[da-f:]+]|[da-f:]+)(:[d]+)?$)|@eq 1|@gt %{tx.max_num_args}|@eq 1|@gt %{tx.arg_name_length}|@eq 1|@gt %{tx.arg_length}|@eq 1|@gt %{tx.total_arg_length}|@eq 1|@rx ^(?i)multipart/form-data|@gt %{tx.max_file_size}|@eq 1|@gt %{tx.combined_file_sizes}|!@rx ^[w/.+*-]+(?:s?;s*(?:action|boundary|charset|component|start(?:-info)?|type|version)s?=s?['|@rx ^[^;s]+|!@within %{tx.allowed_request_content_type}|@rx charsets*=s*[|!@within %{tx.allowed_request_content_type_charset}|@rx charset.*?charset|!@within %{tx.allowed_http_versions}|@rx .([^.]+)$|@within %{tx.restricted_extensions}|@rx .[^.~]+~(?:/.*|)$|@rx ^.*$|@within %{tx.restricted_headers_basic}|@gt 100|!@rx ^(?:(?:*|[^!|!@streq JSON|@rx (?i)x5cu[0-9a-f]{4}|@contains #|@gt 1|@lt 2|@lt 2|@rx ^bytes=(?:(?:d+)?-(?:d+)?s*,?s*){6}|!@endsWith .pdf|@endsWith .pdf|@rx ^bytes=(?:(?:d+)?-(?:d+)?s*,?s*){63}|@rx %[0-9a-fA-F]{2}|@validateByteRange 9,10,13,32-126,128-255|@eq 0|@rx ['|!@rx ^0$|@eq 0|@rx ^.*$|@within %{tx.restricted_headers_extended}|@rx ^(?i)application/x-www-form-urlencoded|@rx x25|@validateUrlEncoding|@lt 3|@lt 3|@validateByteRange 32-36,38-126|@eq 0|!@rx ^(?:OPTIONS|CONNECT)$|!@pm AppleWebKit Android|@ge 1|@rx ^(?i)up|@gt 0|!@rx ^(?:(?:max-age=[0-9]+|min-fresh=[0-9]+|no-cache|no-store|no-transform|only-if-cached|max-stale(?:=[0-9]+)?)(?:s*,s*|$)){1,7}$|!@rx br|compress|deflate|(?:pack200-)?gzip|identity|*|^$|aes128gcm|exi|zstd|x-(?:compress|gzip)|@lt 4|@lt 4|@endsWith .pdf|@rx ^bytes=(?:(?:d+)?-(?:d+)?s*,?s*){6}|@validateByteRange 38,44-46,48-58,61,65-90,95,97-122|@validateByteRange 32,34,38,42-59,61,65-90,95,97-122|!@rx ^(?:?[01])?$|@rx (?:^|[^x5c])x5c[cdeghijklmpqwxyz123456789])"
}
respond @block_enforcement 403
Reference in New Issue View Git Blame Copy Permalink