Commit d6dea23e by Joneq

增加对referer的访问白名单

parent ab03e054
Showing with 5 additions and 4 deletions
...@@ -12,8 +12,12 @@ function _ReM.checkgoogle(red) ...@@ -12,8 +12,12 @@ function _ReM.checkgoogle(red)
ngx.var.host .. ':' .. ngx.var.server_port .. ngx.var.request_uri) ngx.var.host .. ':' .. ngx.var.server_port .. ngx.var.request_uri)
dest = 'http://passport.ichunt.com/static/login.html' .. '?continue=' .. source_url dest = 'http://passport.ichunt.com/static/login.html' .. '?continue=' .. source_url
if ngx.req.get_headers()['referer'] == nil then
ngx.req.get_headers()['referer'] = ""
end
--新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写 --新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写
if red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']) == 0 then if red:sismember('ichunt_waf_white_referer', referer) == 0 then
--获取多少时间内同一个ip可以几次302,超过就加入黑名单 --获取多少时间内同一个ip可以几次302,超过就加入黑名单
threezerotwo_second , err = red:get('threezerotwo_second') threezerotwo_second , err = red:get('threezerotwo_second')
......
...@@ -59,9 +59,6 @@ if config.redis_auth ~= "" and ok then ...@@ -59,9 +59,6 @@ if config.redis_auth ~= "" and ok then
end end
end end
ngx.say(ngx.req.get_headers()['referer'])
ngx.say(red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']))
ngx.exit(ngx.HTTP_FORBIDDEN)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment