iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Docs/linux基础/nginx/nginx服务器防sql注入-溢出攻击-spam及禁User-agents.html
iProbe ba848e218d first commit
2022-10-18 16:59:37 +08:00

327 lines
No EOL
8.7 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="tool" content="leanote-desktop-app">
<title>nginx服务器防sql注入/溢出攻击/spam及禁User-agents</title>
<style>
*{font-family:"lucida grande","lucida sans unicode",lucida,helvetica,"Hiragino Sans GB","Microsoft YaHei","WenQuanYi Micro Hei",sans-serif;}
body {
margin: 0;
}
/*公用文字样式*/
h1{font-size:30px}h2{font-size:24px}h3{font-size:18px}h4{font-size:14px}
.note-container{
width:850px;
margin:auto;
padding: 10px 20px;
box-shadow: 1px 1px 10px #eee;
}
#title {
margin: 0;
}
table {
margin-bottom: 16px;
border-collapse: collapse;
}
table th, table td {
padding: 6px 13px;
border: 1px solid #ddd;
}
table th {
font-weight: bold;
}
table tr {
background-color: none;
border-top: 1px solid #ccc;
}
table tr:nth-child(2n) {
background-color: rgb(247, 247, 249);
}
.mce-item-table, .mce-item-table td, .mce-item-table th, .mce-item-table caption {
border: 1px solid #ddd;
border-collapse: collapse;
padding: 6px 13px;
}
blockquote {
border-left-width:10px;
background-color:rgba(128,128,128,0.05);
border-top-right-radius:5px;
border-bottom-right-radius:5px;
padding:15px 20px;
border-left:5px solid rgba(128,128,128,0.075);
}
blockquote p {
margin-bottom:1.1em;
font-size:1em;
line-height:1.45
}
blockquote ul:last-child,blockquote ol:last-child {
margin-bottom:0
}
pre {
padding: 18px;
background-color: #f7f7f9;
border: 1px solid #e1e1e8;
border-radius: 3px;
display: block;
}
code {
padding: 2px 4px;
font-size: 90%;
color: #c7254e;
white-space: nowrap;
background-color: #f9f2f4;
border-radius: 4px;
}
.footnote {
vertical-align: top;
position: relative;
top: -0.5em;
font-size: .8em;
}
hr {
margin:2em 0
}
img {
max-width:100%
}
pre {
word-break:break-word
}
p,pre,pre.prettyprint,blockquote {
margin:0 0 1.1em
}
hr {
margin:2em 0
}
img {
max-width:100%
}
.sequence-diagram,.flow-chart {
text-align:center;
margin-bottom:1.1em
}
.sequence-diagram text,.flow-chart text {
font-size:15px !important;
font-family:"Source Sans Pro",sans-serif !important
}
.sequence-diagram [fill="#ffffff"],.flow-chart [fill="#ffffff"] {
fill:#f6f6f6
}
.sequence-diagram [stroke="#000000"],.flow-chart [stroke="#000000"] {
stroke:#3f3f3f
}
.sequence-diagram text[stroke="#000000"],.flow-chart text[stroke="#000000"] {
stroke:none
}
.sequence-diagram [fill="#000"],.flow-chart [fill="#000"],.sequence-diagram [fill="#000000"],.flow-chart [fill="#000000"],.sequence-diagram [fill="black"],.flow-chart [fill="black"] {
fill:#3f3f3f
}
ul,ol {
margin-bottom:1.1em
}
ul ul,ol ul,ul ol,ol ol {
margin-bottom:1.1em
}
kbd {
padding:.1em .6em;
border:1px solid rgba(63,63,63,0.25);
-webkit-box-shadow:0 1px 0 rgba(63,63,63,0.25);
box-shadow:0 1px 0 rgba(63,63,63,0.25);
font-size:.7em;
font-family:sans-serif;
background-color:#fff;
color:#333;
border-radius:3px;
display:inline-block;
margin:0 .1em;
white-space:nowrap
}
.toc ul {
list-style-type:none;
margin-bottom:15px
}
</style>
<!-- 该css供自定义样式 -->
<link href="../leanote-html.css" rel="stylesheet">
</head>
<body>
<div class="note-container">
<h1 class="title" id="leanote-title">nginx服务器防sql注入/溢出攻击/spam及禁User-agents</h1>
<div class="content-html" id="leanote-content"><pre id="leanote_ace_1508394055763_0" class="brush:sh ace-tomorrow">server {
## 禁SQL注入 Block SQL injections
set $block_sql_injections 0;
if ($query_string ~ "union.*select.*(") {
set $block_sql_injections 1;
}
if ($query_string ~ "union.*all.*select.*") {
set $block_sql_injections 1;
}
if ($query_string ~ "concat.*(") {
set $block_sql_injections 1;
}
if ($block_sql_injections = 1) {
return 444;
}
## 禁掉文件注入
set $block_file_injections 0;
if ($query_string ~ "[a-zA-Z0-9_]=http://") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=(..//?)+") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") {
set $block_file_injections 1;
}
if ($block_file_injections = 1) {
return 444;
}
## 禁掉溢出攻击
set $block_common_exploits 0;
if ($query_string ~ "(&lt;|%3C).*script.*(&gt;|%3E)") {
set $block_common_exploits 1;
}
if ($query_string ~ "GLOBALS(=|[|%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "_REQUEST(=|[|%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "proc/self/environ") {
set $block_common_exploits 1;
}
if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|%3D)") {
set $block_common_exploits 1;
}
if ($query_string ~ "base64_(en|de)code(.*)") {
set $block_common_exploits 1;
}
if ($block_common_exploits = 1) {
return 444;
}
## 禁spam字段
set $block_spam 0;
if ($query_string ~ "b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)b") {
set $block_spam 1;
}
if ($query_string ~ "b(erections|hoodia|huronriveracres|impotence|levitra|libido)b") {
set $block_spam 1;
}
if ($query_string ~ "b(ambien|bluespill|cialis|cocaine|ejaculation|erectile)b") {
set $block_spam 1;
}
if ($query_string ~ "b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)b") {
set $block_spam 1;
}
if ($block_spam = 1) {
return 444;
}
## 禁掉user-agents
set $block_user_agents 0;
# Dont disable wget if you need it to run cron jobs!
#if ($http_user_agent ~ "Wget") {
# set $block_user_agents 1;
#}
# Disable Akeeba Remote Control 2.5 and earlier
if ($http_user_agent ~ "Indy Library") {
set $block_user_agents 1;
}
# Common bandwidth hoggers and hacking tools.
if ($http_user_agent ~ "libwww-perl") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetRight") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetWeb!") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go!Zilla") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Download Demon") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go-Ahead-Got-It") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "TurnitinBot") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GrabNet") {
set $block_user_agents 1;
}
if ($block_user_agents = 1) {
return 444;
}
}</pre><p><br data-mce-bogus="1"></p><pre id="leanote_ace_1508397464648_0" class="brush:sh ace-tomorrow"># block sql injections
set $block_sql_injections 0;
if ($request_uri ~* "(cost\()|(concat\()"){set $block_sql_injections 1;}
if ($request_uri ~* "[+|(%20)]union[+|(%20)]") { set $block_sql_injections 1;}
if ($request_uri ~* "[+|(%20)]and[+|(%20)]") {set $block_sql_injections 1;}
if ($request_uri ~* "[+|(%20)]or[+|(%20)]") {set $block_sql_injections 1;}
if ($request_uri ~* "[+|(%20)]select[+|(%20)]") {set $block_sql_injections 1;}
if ($query_string ~* ".*[;'&lt;&gt;].*" ){set $block_sql_injections 1;}
if ($uri ~* (.*)(insert|select|delete|update|count|master|truncate|declare|exec|\*|%|\')(.*)$ ) { set $block_sql_injections 1; }
if ($block_sql_injections = 1) {return 403;}
# block file injections
set $block_file_injections 0;
if ($query_string ~ “[a-zA-Z0-9_]=http://”) { set $block_file_injections 1;}
if ($query_string ~ “[a-zA-Z0-9_]=(..//?)+”) {set $block_file_injections 1;}
if ($query_string ~ “[a-zA-Z0-9_]=/([a-z0-9_.]//?)+”){set $block_file_injections 1;}
if ($block_file_injections = 1) {return 403;}
set $block_spam 0;
if ($query_string ~ "\b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b") {set $block_spam 1;}
if ($query_string ~ "\b(erections|hoodia|huronriveracres|impotence|levitra|libido)\b") {set $block_spam 1;}
if ($query_string ~ "\b(ambien|blue\spill|cialis|cocaine|ejaculation|erectile)\b") {set $block_spam 1;}
if ($query_string ~ "\b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)\b") {set $block_spam 1;}
if ($block_spam = 1) {return 403;}
set $block_user_agents 0;
# Don't disable wget if you need it to run cron jobs!
#if ($http_user_agent ~ "Wget") {set $block_user_agents 1;}
# Disable Akeeba Remote Control 2.5 and earlier
if ($http_user_agent ~ "Indy Library") {set $block_user_agents 1;}
# Common bandwidth hoggers and hacking tools.
if ($http_user_agent ~ "libwww-perl") {set $block_user_agents 1;}
if ($http_user_agent ~ "GetRight") {set $block_user_agents 1;}
if ($http_user_agent ~ "GetWeb!") {set $block_user_agents 1;}
if ($http_user_agent ~ "Go!Zilla") {set $block_user_agents 1;}
if ($http_user_agent ~ "Download Demon") {set $block_user_agents 1;}
if ($http_user_agent ~ "Go-Ahead-Got-It") {set $block_user_agents 1;}
if ($http_user_agent ~ "TurnitinBot") {set $block_user_agents 1;}
if ($http_user_agent ~ "GrabNet") {set $block_user_agents 1;}
if ($block_user_agents = 1) {return 403;}</pre><p><br data-mce-bogus="1"></p></div>
</div>
<!-- 该js供其它处理 -->
<script src="../leanote-html.js"></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink