Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CnChunfeng
/
ichunt_lua_waf
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
79d8b8f7
authored
Nov 05, 2024
by
gongyang
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
完成秒速白名单开发
parent
60728c40
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
40 additions
and
0 deletions
waf.lua
wafcheck.lua
waf.lua
View file @
79d8b8f7
...
...
@@ -165,6 +165,8 @@ if err == nil then
checkuri
,
err
=
string.match
(
temp_uri
,
pattern
)
--对比成功之后继续下一步操作
--检验多少秒内的访问频率
if
checkuri
~=
nil
and
red
:
sismember
(
platform_pattern_reids_key
..
'_value_'
..
pattern
,
checkuri
)
~=
0
then
--获取对应的时间和次数
checkuricount
=
tonumber
(
red
:
get
(
platform_pattern_reids_key
..
'_count_'
..
checkuri
))
...
...
@@ -184,6 +186,35 @@ if err == nil then
if
tonumber
(
red
:
get
(
checkuriip
))
>
checkuricount
then
redirect
.
checkgoogle
(
red
)
end
--2024新增检验秒速白名单功能
--功能开启 是白名单里面的,直接通过
--不是白名单里面的,超过限制次数,跳去302检验,检验成功,加入秒速白名单
if
tonumber
(
red
:
get
(
'waf_second_white_ip_open'
))
==
1
and
wafcheck
.
SecondWhiteIp
(
user_ip
,
red
)
~=
'exist'
then
second_white_ip_expire_time
=
tonumber
(
red
:
get
(
'waf_second_white_ip_time'
))
second_white_count
=
tonumber
(
red
:
get
(
'waf_second_white_ip_time'
))
--如果不存在则设为1
timestamp_seconds
=
os.time
()
if
red
:
get
(
timestamp_seconds
)
==
ngx
.
null
then
red
:
set
(
timestamp_seconds
,
0
)
end
red
:
incr
(
timestamp_seconds
)
red
:
expire
(
timestamp_seconds
,
second_white_ip_expire_time
)
--如果超过次数就跳转至google验证页面,并且带上网址
if
tonumber
(
red
:
get
(
timestamp_seconds
))
>
checkuricount
then
redirect
.
checkgoogle
(
red
)
end
end
end
end
...
...
wafcheck.lua
View file @
79d8b8f7
...
...
@@ -15,6 +15,15 @@ function _Wafcheck.WhiteIp(user_ip,redis)
return
"continue"
end
--------秒速白名单ip-----------
function
_Wafcheck
.
SecondWhiteIp
(
user_ip
,
redis
)
local
is_exist
,
err
=
redis
:
sismember
(
'ichunt_waf_second_white_ip'
,
user_ip
)
if
is_exist
==
1
then
return
"exist"
end
return
"continue"
end
--------白名单url-----------
function
_Wafcheck
.
WhiteUrl
(
url
,
redis
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment