Commit 79d8b8f7 by gongyang

完成秒速白名单开发

parent 60728c40
Showing with 40 additions and 0 deletions
......@@ -165,6 +165,8 @@ if err == nil then
checkuri,err = string.match(temp_uri, pattern)
--对比成功之后继续下一步操作
--检验多少秒内的访问频率
if checkuri ~= nil and red:sismember(platform_pattern_reids_key..'_value_'..pattern, checkuri) ~= 0 then
--获取对应的时间和次数
checkuricount = tonumber(red:get(platform_pattern_reids_key..'_count_'..checkuri))
......@@ -184,6 +186,35 @@ if err == nil then
if tonumber(red:get(checkuriip)) > checkuricount then
redirect.checkgoogle(red)
end
--2024新增检验秒速白名单功能
--功能开启 是白名单里面的,直接通过
--不是白名单里面的,超过限制次数,跳去302检验,检验成功,加入秒速白名单
if tonumber(red:get('waf_second_white_ip_open')) == 1 and wafcheck.SecondWhiteIp(user_ip,red) ~= 'exist' then
second_white_ip_expire_time = tonumber(red:get('waf_second_white_ip_time'))
second_white_count = tonumber(red:get('waf_second_white_ip_time'))
--如果不存在则设为1
timestamp_seconds = os.time()
if red:get(timestamp_seconds) == ngx.null then
red:set(timestamp_seconds,0)
end
red:incr(timestamp_seconds)
red:expire(timestamp_seconds , second_white_ip_expire_time)
--如果超过次数就跳转至google验证页面,并且带上网址
if tonumber(red:get(timestamp_seconds)) > checkuricount then
redirect.checkgoogle(red)
end
end
end
end
......
......@@ -15,6 +15,15 @@ function _Wafcheck.WhiteIp(user_ip,redis)
return "continue"
end
--------秒速白名单ip-----------
function _Wafcheck.SecondWhiteIp(user_ip,redis)
local is_exist ,err = redis:sismember('ichunt_waf_second_white_ip', user_ip)
if is_exist == 1 then
return "exist"
end
return "continue"
end
--------白名单url-----------
function _Wafcheck.WhiteUrl(url,redis)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment