Master Branch update Nginx block.conf include

Discussion in 'Centmin Mod Github Commits' started by eva2000, Jun 30, 2014.

  1. eva2000

    update Nginx block.conf include

  2. rdan

    This can be simplified using a single set variable.
    I removed the useragent and spam words from this code.
    Code:
        ## Block SQL injections
        set $block_hack_injections 0;
        
        if ($query_string ~ "union.*select.*\(") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "union.*all.*select.*") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "concat.*\(") {
            set $block_hack_injections 1;
        }
    
        ## Block file injections
        if ($query_string ~ "[a-zA-Z0-9_]=http://") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") {
            set $block_hack_injections 1;
        }
    
        ## Block common exploits
        if ($query_string ~ "(<|%3C).*script.*(>|%3E)") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "proc/self/environ") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") {
            set $block_hack_injections 1;
        }
        if ($query_string ~ "base64_(en|de)code\(.*\)") {
            set $block_hack_injections 1;
        }
        if ($block_hack_injections = 1) {
            return 403;
        }
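
Added example (not part of rdan's post or of Centmin Mod's own code): a small Python harness that extracts the `$query_string` patterns from the rule set above and reports which rule would return 403 for a given raw query string, so false positives can be checked before the include is deployed. It assumes Python's `re` treats these patterns the same way nginx's PCRE does; the helper names and the sample query strings are constructed for illustration.

```python
import re

# Constructed copy of the rule set in the post above, one rule per line.
BLOCK_CONF = r'''
set $block_hack_injections 0;
if ($query_string ~ "union.*select.*\(") { set $block_hack_injections 1; }
if ($query_string ~ "union.*all.*select.*") { set $block_hack_injections 1; }
if ($query_string ~ "concat.*\(") { set $block_hack_injections 1; }
if ($query_string ~ "[a-zA-Z0-9_]=http://") { set $block_hack_injections 1; }
if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") { set $block_hack_injections 1; }
if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") { set $block_hack_injections 1; }
if ($query_string ~ "(<|%3C).*script.*(>|%3E)") { set $block_hack_injections 1; }
if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") { set $block_hack_injections 1; }
if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") { set $block_hack_injections 1; }
if ($query_string ~ "proc/self/environ") { set $block_hack_injections 1; }
if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") { set $block_hack_injections 1; }
if ($query_string ~ "base64_(en|de)code\(.*\)") { set $block_hack_injections 1; }
if ($block_hack_injections = 1) { return 403; }
'''

# Matches: if ($query_string ~ "regex") or the case-insensitive ~* form.
RULE_RE = re.compile(r'if\s*\(\$query_string\s+(~\*?)\s+"((?:[^"\\]|\\.)*)"\)')

def load_rules(conf):
    """Compile every $query_string test found in the nginx config text."""
    return [re.compile(pat, re.IGNORECASE if op == "~*" else 0)
            for op, pat in RULE_RE.findall(conf)]

def check(query_string, rules):
    """Return (status, pattern): 403 plus the first rule that set the flag, else 200."""
    for rule in rules:
        if rule.search(query_string):
            return 403, rule.pattern
    return 200, None

# Constructed raw query strings, as nginx sees them in $query_string.
SAMPLES = [
    "page=2&sort=asc",
    "file=../../proc/self/environ",
    "q=trade+union+to+select+delegates+(2014)",   # ordinary search text
    "next=http://example.com/welcome",            # plain redirect parameter
]

if __name__ == "__main__":
    rules = load_rules(BLOCK_CONF)
    for qs in SAMPLES:
        print(qs, "->", check(qs, rules))
```

The last two samples are ordinary requests that the rule set rejects, which is the kind of result worth reviewing against a site's real URLs before enabling the include.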