mirror of
https://github.com/fabriziosalmi/patterns.git
synced 2025-12-17 17:55:48 +00:00
45 lines
832 B
Plaintext
45 lines
832 B
Plaintext
# Nginx WAF rules for DETECTION
|
|
location / {
|
|
set $attack_detected 0;
|
|
|
|
if ($request_uri ~* "@lt 1") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 1") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@pmFromFile scanners-user-agents.data") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 2") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 2") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 3") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 3") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 4") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($request_uri ~* "@lt 4") {
|
|
set $attack_detected 1;
|
|
}
|
|
|
|
if ($attack_detected = 1) {
|
|
return 403;
|
|
}
|
|
}
|