Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CnChunfeng
/
ichunt_lua_waf
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
d6dea23e
authored
Jan 14, 2021
by
Joneq
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
增加对referer的访问白名单
parent
ab03e054
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
5 additions
and
4 deletions
redirect.lua
waf.lua
redirect.lua
View file @
d6dea23e
...
@@ -12,8 +12,12 @@ function _ReM.checkgoogle(red)
...
@@ -12,8 +12,12 @@ function _ReM.checkgoogle(red)
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
if
ngx
.
req
.
get_headers
()[
'referer'
]
==
nil
then
ngx
.
req
.
get_headers
()[
'referer'
]
=
""
end
--新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写
--新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写
if
red
:
sismember
(
'ichunt_waf_white_referer'
,
ngx
.
req
.
get_headers
()[
'referer'
]
)
==
0
then
if
red
:
sismember
(
'ichunt_waf_white_referer'
,
referer
)
==
0
then
--获取多少时间内同一个ip可以几次302,超过就加入黑名单
--获取多少时间内同一个ip可以几次302,超过就加入黑名单
threezerotwo_second
,
err
=
red
:
get
(
'threezerotwo_second'
)
threezerotwo_second
,
err
=
red
:
get
(
'threezerotwo_second'
)
...
...
waf.lua
View file @
d6dea23e
...
@@ -59,9 +59,6 @@ if config.redis_auth ~= "" and ok then
...
@@ -59,9 +59,6 @@ if config.redis_auth ~= "" and ok then
end
end
end
end
ngx
.
say
(
ngx
.
req
.
get_headers
()[
'referer'
])
ngx
.
say
(
red
:
sismember
(
'ichunt_waf_white_referer'
,
ngx
.
req
.
get_headers
()[
'referer'
]))
ngx
.
exit
(
ngx
.
HTTP_FORBIDDEN
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment