From 5676c7b66e7c11b101a69530ba40170127688af5 Mon Sep 17 00:00:00 2001 From: zhengkunwang223 Date: Tue, 6 Dec 2022 18:38:45 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BF=AE=E6=94=B9waf=E5=8F=82=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmd/server/nginx_conf/website_default.conf | 18 ++++++---- .../config/safety/file-block-list/index.vue | 23 +++++++++++-- .../website/website/config/safety/index.vue | 33 ++++++++++++++----- .../website/config/safety/ip-list/index.vue | 31 +++++++++++++++-- .../config/safety/value-list/index.vue | 26 ++++++--------- 5 files changed, 93 insertions(+), 38 deletions(-) diff --git a/cmd/server/nginx_conf/website_default.conf b/cmd/server/nginx_conf/website_default.conf index 6ff2badb9..c6ffb7e8c 100644 --- a/cmd/server/nginx_conf/website_default.conf +++ b/cmd/server/nginx_conf/website_default.conf @@ -9,7 +9,7 @@ server { proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade $http_upgrade;` proxy_set_header Connection "upgrade"; @@ -18,13 +18,17 @@ server { access_by_lua_file /www/common/waf/access.lua; set $RulePath /www/sites/domain/waf/rules; set $logdir /www/sites/domain/waf/log; + set $redirect on; + set $attackLog on; set $CCDeny on; - set $attacklog on; - set $whiteModule on; - set $getMatch on; - set $cookieMatch on; - set $postMatch on; - set $Redirect on; + set $urlWhiteAllow on; + set $urlBlockDeny on; + set $argsDeny on; + set $postDeny on; + set $cookieDeny on; + set $fileExtDeny on; + set $ipBlockDeny on; + set $ipWhiteAllow on; location ~ /.well-known/acme-challenge { diff --git a/frontend/src/views/website/website/config/safety/file-block-list/index.vue b/frontend/src/views/website/website/config/safety/file-block-list/index.vue index f0ca4d8a4..b44b289be 100644 --- a/frontend/src/views/website/website/config/safety/file-block-list/index.vue +++ b/frontend/src/views/website/website/config/safety/file-block-list/index.vue @@ -1,6 +1,9 @@ diff --git a/frontend/src/views/website/website/config/safety/ip-list/index.vue b/frontend/src/views/website/website/config/safety/ip-list/index.vue index d7eddeab2..a15ac0098 100644 --- a/frontend/src/views/website/website/config/safety/ip-list/index.vue +++ b/frontend/src/views/website/website/config/safety/ip-list/index.vue @@ -1,6 +1,9 @@