Nginx configuration to block SQL injection and similar attacks




 # Place inside a server {} block. Regex locations are tested in order against the decoded URI path.
 # Code-execution and encoding markers
 location ~* "(eval\()" { deny all; }
 location ~* "(127\.0\.0\.1)" { deny all; }
 location ~* "([a-z0-9]{2000})" { deny all; }
 location ~* "(javascript:)(.*)(;)" { deny all; }
 location ~* "(base64_encode)(.*)(\()" { deny all; }
 location ~* "(GLOBALS|REQUEST)(=|\[|%)" { deny all; }
 location ~* "(<|%3C).*script.*(>|%3)" { deny all; }
 # In a quoted nginx string \\\\ is a literal backslash for PCRE (nginx unescapes \\ to \ first)
 location ~ "(\\\\|\.\.\.|\.\./|~|`|<|>|\|)" { deny all; }
 # Sensitive files and vulnerable thumbnail scripts
 location ~* "(boot\.ini|etc/passwd|self/environ)" { deny all; }
 location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" { deny all; }
 # A quote followed by an SQL keyword; \" keeps the double quote inside the string
 location ~* "('|\")(.*)(drop|insert|md5|select|union)" { deny all; }
 location ~* "(https?|ftp|php):/" { deny all; }
 location ~* "(='|=%27|/'/?)\." { deny all; }
 # URIs that end in a stray symbol
 location ~* "/(\$(&)?|\*|\"|\.|,|&|&amp;?)/?$" { deny all; }
 location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\"\")" { deny all; }
 location ~ "(~|`|<|>|:|;|%|\\\\|\s|\{|\}|\[|\]|\|)" { deny all; }
 location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { deny all; }
 location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" { deny all; }
 # File extensions and script names that should never be served
 location ~* "\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" { deny all; }
 location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" { deny all; }
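nginx tests `location` regexes against the decoded, normalized URI path only; the query string is not part of it, so the rules above never see a pattern that arrives in the request arguments. The fragment below is an added example, not part of the original post, that applies a few of the same patterns to `$args`; the variable name `$deny_args` and the host `example.test` are placeholders.

```nginx
# Added example (not from the original rule set).
# Goes in the http {} context: classify the raw query string.
# $args is NOT percent-decoded, so each pattern lists both the
# literal character and its %XX form.
map $args $deny_args {
    default 0;

    # quote (literal or encoded) followed by an SQL keyword
    "~*('|\"|%27|%22).*(drop|insert|md5|select|union)"   1;

    # PHP code-execution markers
    "~*(eval(\(|%28)|base64_encode.*(\(|%28))"           1;
    "~*(GLOBALS|REQUEST)(=|\[|%)"                         1;

    # script tags
    "~*(<|%3C).*script.*(>|%3E)"                          1;

    # sensitive file paths passed as a parameter value
    "~*(boot\.ini|etc/passwd|self/environ)"               1;
}

server {
    listen 80;
    server_name example.test;    # placeholder host

    # Reject the request before any location is selected.
    if ($deny_args) { return 403; }

    # ... the location rules from the list above go here ...
}
```

Validate the combined file with `nginx -t` before reloading; a regex with an unbalanced parenthesis or an unescaped double quote stops the configuration from loading.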
