Update and rename test.lua to anti-cc.lua

2 years ago · 74c0f63302
2 changed files with 28 additions and 0 deletions
--- a/rules/anti-cc.lua
+++ b/rules/anti-cc.lua
@ -0,0 +1,28 @@
+--[[
+规则名称: anti cc
+
+过滤阶段: 请求阶段
+
+危险等级: 中危
+
+规则描述: 当一分钟访问/api/路径频率超过360次，则在5分钟内拦截该ip访问
+--]]
+
+
+local sh = ngx.shared.ipCache
+local c, f = sh:get(waf.ip)
+
+if not waf.startWith(waf.toLower(waf.uri),"/api/") then
+    return false
+end
+
+if not c then
+    sh:set("cc" .. waf.ip, 0, 60, 1)
+else
+    if f == 2 then
+        return ngx.exit(403)
+    elseif c >= 360 then
+        sh:set("cc" .. waf.ip, c, 300, 2)
+    end
+end
+return false
--- a/rules/test.lua
+++ b/rules/test.lua