Block $bad_uri_words prototype #365
Conversation
|
Thank your for raising your pull request. |
|
Thanks for your PR @duzun introducing a new include and mapping can and will break many installations out there who update and have a missing include file. Multiple include files were added from the beginning to allow such customization. Your best approach this to your This will work instead of having a complex regex. |
|
I get your point. But with the current configuration, there is no way to catch the spam words in the Maybe it makes sense to add the new rule using the existing files, like |
|
ah ok I get you, I'll have to think about how we could do this without breaking anything. Using the existing include files could work. |
| @@ -0,0 +1,17 @@ | |||
| # EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ### | |||
There was a problem hiding this comment.
Let's move these rules to bad-referrer-words.conf
| @@ -75,6 +75,14 @@ if ($bad_referer) { | |||
| return 444; | |||
| } | |||
|
|
|||
| # --------------------------------- | |||
| @@ -18123,6 +18123,22 @@ geo $ratelimited { | |||
| # END SECTION 4 - ACTIVATE BLOCKER FUNCTIONS | |||
| # ========================================== | |||
|
|
|||
|
|
|||
There was a problem hiding this comment.
Make this reference the rules in bad-referrer-words.conf, it also cannot be added here it needs to be added in the two master template files
I have created a new rule to block some injection attempts by testing the incoming
$request_uri.I don't know how to correctly add these changes to the repo :(
Maybe it is worth adding a similar rule based on
$uri, which is a normalized version of$request_uri.