Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CnChunfeng
/
ichunt_lua_waf
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
b35b21e7
authored
Oct 19, 2020
by
Joneq
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
修改代码
parent
37ede371
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
4 additions
and
7 deletions
waf.lua
waf.lua
View file @
b35b21e7
...
...
@@ -34,7 +34,7 @@ end
-------链接redis------------
local
red
=
redis
:
new
()
red
=
redis
:
new
()
red
:
set_timeout
(
1000
)
local
ok
,
err
=
red
:
connect
(
config
.
redis_host
,
config
.
redis_port
)
...
...
@@ -62,7 +62,7 @@ end
--防火墙开关
spider_config_button
,
err
=
red
:
get
(
'spider_config_button'
)
if
spider_config_button
~=
ngx
.
null
and
tonumber
(
spider_config_button
)
==
1
then
red
:
close
()
ngx
.
say
(
"spider_config_button not one "
,
err
)
ngx
.
exit
(
ngx
.
HTTP_FORBIDDEN
)
return
...
...
@@ -82,7 +82,6 @@ u_agent = ngx.req.get_headers().user_agent
-- 白名单存在直接跳过
if
wafcheck
.
WhiteIp
(
user_ip
)
==
'exist'
or
wafcheck
.
WhiteUrl
(
temp_uri
)
==
'exist'
or
wafcheck
.
WhiteHeader
(
user_ip
)
==
'exist'
then
red
:
close
()
return
end
...
...
@@ -91,7 +90,6 @@ end
-- 黑名单存在直接302
if
wafcheck
.
BlackIp
(
user_ip
)
==
'exist'
or
wafcheck
.
BlackUrl
(
temp_uri
)
==
'exist'
or
wafcheck
.
BlackHeader
(
user_ip
)
==
'exist'
then
red
:
close
()
ngx
.
exit
(
ngx
.
HTTP_FORBIDDEN
)
return
end
...
...
@@ -129,7 +127,6 @@ if tonumber(ngx.var.server_name_id) == 1 and checkuri ~= nil and red:sismember
--如果超过次数就跳转至google验证页面,并且带上网址
if
tonumber
(
red
:
get
(
checkuriip
))
>
checkuricount
then
red
:
close
()
redirect
.
checkgoogle
()
end
end
...
...
@@ -305,7 +302,7 @@ spider_key_exit_time = tonumber(spider_key_exit_time)
-- 查询ip是否在封禁时间段内,若在则跳转到验证码页面
is_ban
,
err
=
red
:
sismember
(
'spider_ban'
,
user_ip
)
if
is_ban
==
1
then
red
:
close
()
if
tonumber
(
ngx
.
var
.
server_name_id
)
==
1
then
local
dest
...
...
@@ -408,7 +405,7 @@ res , err = red:expire(spider_time .. user_ip , spider_key_exit_time)
res
,
err
=
red
:
expire
(
spider_count
..
user_ip
,
spider_key_exit_time
)
local
ok
,
err
=
red
:
close
()
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment