github
/
ngx_lua_waf
mirror of https://github.com/loveshell/ngx_lua_waf
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

deny ssrf attack and some illegality method

distributed
loveshell 2013-03-24 01:19:13 +08:00
parent 494ba3d377
commit c7aff89327
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wafconf/phpids
View File

@ -35,3 +35,5 @@ phpinfo\(
\<\!\-\-\W*?#\W*?(?:e(?:cho|xec)|printenv|include|cmd)
(?i:(\binclude\s*\([^)]*|mosConfig_absolute_path|_CONF\[path\]|_SERVER\[DOCUMENT_ROOT\]|GALLERY_BASEDIR|path\[docroot\]|appserv_root|config\[root_dir\])=(ht|f)tps?:\/\/)
(?:\b(?:\.(?:ht(?:access|passwd|group)|www_?acl)|global\.asa|httpd\.conf|boot\.ini)\b|\/etc\/)
(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data|expect)\:\/
\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\[