Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CnChunfeng
/
ichunt_lua_waf
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
dbd87ab3
authored
Jan 14, 2021
by
Joneq
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
答应header变量
parent
c98eab8e
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
7 additions
and
5 deletions
redirect.lua
waf.lua
redirect.lua
View file @
dbd87ab3
...
@@ -12,8 +12,9 @@ function _ReM.checkgoogle(red)
...
@@ -12,8 +12,9 @@ function _ReM.checkgoogle(red)
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
--新增如果refer不在对应的设置里面,才计算302重定向次数
--新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写
if
red
:
sismember
(
'waf_urldesc_limit'
,
ngx
.
req
.
get_headers
()[
'referer'
])
==
0
then
if
red
:
sismember
(
'waf_white_refer'
,
ngx
.
req
.
get_headers
()[
'referer'
])
==
0
then
--获取多少时间内同一个ip可以几次302,超过就加入黑名单
--获取多少时间内同一个ip可以几次302,超过就加入黑名单
threezerotwo_second
,
err
=
red
:
get
(
'threezerotwo_second'
)
threezerotwo_second
,
err
=
red
:
get
(
'threezerotwo_second'
)
...
...
waf.lua
View file @
dbd87ab3
...
@@ -22,6 +22,8 @@ local cjson = require "cjson"
...
@@ -22,6 +22,8 @@ local cjson = require "cjson"
-------去除一些不要验证的请求并获取url
-------去除一些不要验证的请求并获取url
local
urlok
,
temp_uri
=
reqhandle
.
Selfwhiteurl
()
local
urlok
,
temp_uri
=
reqhandle
.
Selfwhiteurl
()
...
@@ -57,9 +59,8 @@ if config.redis_auth ~= "" and ok then
...
@@ -57,9 +59,8 @@ if config.redis_auth ~= "" and ok then
end
end
end
end
ngx
.
say
(
ngx
.
req
.
get_headers
()[
'referer'
])
ngx
.
say
(
red
:
sismember
(
'waf_urldesc_limit'
,
ngx
.
req
.
get_headers
()[
'referer'
])
==
0
)
ngx
.
exit
(
ngx
.
HTTP_FORBIDDEN
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment