github
/
ngx_lua_waf
mirror of https://github.com/loveshell/ngx_lua_waf
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge b32ae8f728 into 314a2f62ec

pull/46/merge
virusdefender 2016-04-10 11:37:49 +00:00
parent 314a2f62ec b32ae8f728
commit 4beac468fc
4 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.lua
View File

@ -5,6 +5,7 @@ UrlDeny="on"
Redirect="on" Redirect="on"
CookieMatch="on" CookieMatch="on"
postMatch="on" postMatch="on"
WhiteServerName="on"
whiteModule="on" whiteModule="on"
black_fileExt={"php","jsp"} black_fileExt={"php","jsp"}
ipWhitelist={"127.0.0.1"} ipWhitelist={"127.0.0.1"}

32
init.lua
View File

@ -10,10 +10,13 @@ UrlDeny = optionIsOn(UrlDeny)
PostCheck = optionIsOn(postMatch) PostCheck = optionIsOn(postMatch)
CookieCheck = optionIsOn(cookieMatch) CookieCheck = optionIsOn(cookieMatch)
WhiteCheck = optionIsOn(whiteModule) WhiteCheck = optionIsOn(whiteModule)
WhiteServerName = optionIsOn(WhiteServerName)
PathInfoFix = optionIsOn(PathInfoFix) PathInfoFix = optionIsOn(PathInfoFix)
attacklog = optionIsOn(attacklog) attacklog = optionIsOn(attacklog)
CCDeny = optionIsOn(CCDeny) CCDeny = optionIsOn(CCDeny)
Redirect=optionIsOn(Redirect) Redirect=optionIsOn(Redirect)
function getClientIp() function getClientIp()
IP = ngx.var.remote_addr IP = ngx.var.remote_addr
if IP == nil then if IP == nil then
@ -61,9 +64,14 @@ urlrules=read_rule('url')
argsrules=read_rule('args') argsrules=read_rule('args')
uarules=read_rule('user-agent') uarules=read_rule('user-agent')
wturlrules=read_rule('whiteurl') wturlrules=read_rule('whiteurl')
white_servername_list = read_rule('white_servername')
postrules=read_rule('post') postrules=read_rule('post')
ckrules=read_rule('cookie') ckrules=read_rule('cookie')
function debug(info)
write("/var/log/nginx/waf/debug.log", info)
end
function say_html() function say_html()
if Redirect then if Redirect then
@ -86,6 +94,30 @@ function whiteurl()
end end
return false return false
end end
function white_servername()
debug("white servername")
if 1==1 then
host = ngx.req.get_headers()["Host"]
if host == nil then
debug("nil host")
return false;
end
debug(host)
if white_servername_list ~= nil then
for _, rule in pairs(white_servername_list) do
if ngxmatch(host, rule, "isjo") then
return true
end
end
end
return false
end
end
function fileExtCheck(ext) function fileExtCheck(ext)
local items = Set(black_fileExt) local items = Set(black_fileExt)
ext=string.lower(ext) ext=string.lower(ext)

1
waf.lua
View File

@ -9,6 +9,7 @@ elseif ngx.var.http_Acunetix_Aspect then
elseif ngx.var.http_X_Scan_Memo then elseif ngx.var.http_X_Scan_Memo then
ngx.exit(444) ngx.exit(444)
elseif whiteurl() then elseif whiteurl() then
elseif white_servername() then
elseif ua() then elseif ua() then
elseif url() then elseif url() then
elseif args() then elseif args() then

2
wafconf/url
View File

@ -1,4 +1,4 @@
\.(svn|htaccess|bash_history) \.(svn|git|htaccess|bash_history)
\.(bak|inc|old|mdb|sql|backup|java|class)$ \.(bak|inc|old|mdb|sql|backup|java|class)$
(vhost|bbs|host|wwwroot|www|site|root|hytop|flashfxp).*\.rar (vhost|bbs|host|wwwroot|www|site|root|hytop|flashfxp).*\.rar
(phpmyadmin|jmx-console|jmxinvokerservlet) (phpmyadmin|jmx-console|jmxinvokerservlet)