Master Branch update Nginx block.conf include

Discussion in 'Centmin Mod Github Commits' started by eva2000, Jun 30, 2014.

  1. eva2000 (Administrator, Staff Member)

    update Nginx block.conf include

  2. rdan (Well-Known Member)

    This can be simplified using a single set variable.
    I removed the user-agent and spam-word rules from this code.
    Code:
        ## Block SQL injections
        set $block_hack_injections 0;
        
        if ($query_string ~ "union.*select.*\(") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "union.*all.*select.*") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "concat.*\(") {
            set $block_hack_injections 1;
        }
    
        ## Block file injections
        if ($query_string ~ "[a-zA-Z0-9_]=http://") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") {
            set $block_hack_injections 1;
        }
    
        ## Block common exploits
        if ($query_string ~ "(<|%3C).*script.*(>|%3E)") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "proc/self/environ") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "base64_(en|de)code\(.*\)") {
            set $block_hack_injections 1;
        }
        if ($block_hack_injections = 1) {
            return 403;
        }
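
As an added example (not part of rdan's post or of Centmin Mod's block.conf), the following Python harness replays the same twelve regexes against a handful of constructed query strings, so you can see which requests the `if` chain would answer with 403 and which slip past it. It assumes three things worth stating: the rule names are labels I assigned, the samples are made up rather than captured traffic, and the `\%` in the nginx patterns is written as a plain `%` (the two are equivalent in PCRE and in Python's `re`; these particular patterns use only constructs both engines share). Two caveats it makes visible: nginx's `~` is case-sensitive, so an upper-case `UNION SELECT` is not matched unless the rules are switched to `~*`, and `$query_string` is the raw, still percent-encoded string, so an encoded `..%2F..%2F` traversal is not seen as `../` by the `lfi_dotdot_slash` rule.

```python
"""Replay the nginx $query_string block rules over constructed samples.

Added example, not code from the forum post or from Centmin Mod.
"""
import re
from urllib.parse import unquote

# One entry per `if ($query_string ~ "...")` in the posted nginx snippet.
# The names are my own labels; the regexes are the posted ones (with `\%`
# written as `%`, which matches the same character in PCRE and Python).
BLOCK_PATTERNS = {
    "sqli_union_select":     r"union.*select.*\(",
    "sqli_union_all_select": r"union.*all.*select.*",
    "sqli_concat":           r"concat.*\(",
    "rfi_http_url":          r"[a-zA-Z0-9_]=http://",
    "lfi_dotdot_slash":      r"[a-zA-Z0-9_]=(\.\.//?)+",
    "lfi_abs_path":          r"[a-zA-Z0-9_]=/([a-z0-9_.]//?)+",
    "xss_script_tag":        r"(<|%3C).*script.*(>|%3E)",
    "php_globals":           r"GLOBALS(=|\[|%[0-9A-Z]{0,2})",
    "php_request":           r"_REQUEST(=|\[|%[0-9A-Z]{0,2})",
    "proc_self_environ":     r"proc/self/environ",
    "joomla_mosconfig":      r"mosConfig_[a-zA-Z_]{1,21}(=|%3D)",
    "php_base64_call":       r"base64_(en|de)code\(.*\)",
}


def matched_rules(query_string: str, ignore_case: bool = False) -> list[str]:
    """Names of the rules that would set $block_hack_injections to 1.

    nginx's `~` is case-sensitive, like re.search with no flags; pass
    ignore_case=True to see what the rules would do under `~*` instead.
    """
    flags = re.IGNORECASE if ignore_case else 0
    return [name for name, pat in BLOCK_PATTERNS.items()
            if re.search(pat, query_string, flags)]


def would_block(query_string: str, ignore_case: bool = False) -> bool:
    """True where the nginx chain would end in `return 403`."""
    return bool(matched_rules(query_string, ignore_case))


def would_block_decoded(query_string: str) -> bool:
    """What the rules would do if the query string were percent-decoded
    first. nginx does NOT do this for $query_string; this is here only to
    show the gap between the raw and the decoded view."""
    return would_block(unquote(query_string))


# Constructed sample query strings (not captured traffic).
SAMPLES = [
    "id=1 union select 1,2,3,concat(user,0x3a,password)",  # classic SQLi
    "id=1 UNION SELECT 1,2,3,CONCAT(user,password)",        # same, upper-case
    "page=http://evil.example/shell.txt",                   # remote file include
    "file=../../../../etc/passwd",                          # traversal, plain
    "file=..%2F..%2Fetc%2Fpasswd",                          # traversal, encoded
    "q=<script>alert(1)</script>",                          # reflected XSS probe
    "GLOBALS[foo]=bar",                                     # register_globals abuse
    "q=hello+world&page=2",                                 # benign
    "q=how+to+use+concat()+in+sql",                         # benign, still blocked
]


def report(samples=SAMPLES) -> dict:
    """For each sample: verdict under `~`, verdict under `~*`, rules hit."""
    return {
        q: {
            "blocked": would_block(q),
            "blocked_nocase": would_block(q, ignore_case=True),
            "rules": matched_rules(q),
        }
        for q in samples
    }


if __name__ == "__main__":
    for q, r in report().items():
        verdict = "403" if r["blocked"] else "200"
        note = "" if r["blocked"] == r["blocked_nocase"] else "  (403 under ~*)"
        print(f"{verdict}  {q!r}  {r['rules']}{note}")
    enc = "file=..%2F..%2Fetc%2Fpasswd"
    print("encoded traversal, raw:", would_block(enc),
          "| decoded first:", would_block_decoded(enc))
```

Run it as a script to see the per-sample verdicts. The last benign sample is the one to keep in mind when deploying rules like these on a site with a search box: `concat.*\(` fires on an ordinary query about SQL functions, so expect some false positives and log the 403s from this chain separately so they can be reviewed.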