config.lua
-- WAF configuration file. Every on/off switch below takes "on" (enabled) or "off" (disabled).
-- All settings are plain global assignments; the code that reads them is not part of this file.

-- Master switch for the WAF.
config_waf_enable = "on"
-- Log directory.
config_log_dir = "/data/logs/nginx/waf/"
-- Directory holding the rule files.
config_rule_dir = "/usr/local/nginx/conf/conf.d/waf/rule-config"
-- Where the client IP address is taken from: the X_Forwarded_For or X_real_ip
-- request header, or ngx.var.remote_addr.
-- NOTE(review): X-Forwarded-For and X-Real-IP are request headers, so their content
-- is whatever the sender (or the last proxy) put there. Unless a trusted front proxy
-- overwrites the header before the request reaches this nginx, the IP whitelist, the
-- IP blacklist and the CC rate limit below are all keyed on a client-controlled value.
-- Use a header source only behind such a proxy; otherwise use ngx.var.remote_addr.
-- The exact value string that selects ngx.var.remote_addr is not shown here - confirm
-- against the code that reads this setting.
config_set_ip_addr = "X_Forwarded_For"
-- Enable/disable the URL whitelist check.
config_white_url_check = "on"
-- Enable/disable the IP whitelist check.
config_white_ip_check = "on"
-- Enable/disable the IP blacklist check.
config_black_ip_check = "on"
-- Time in seconds an IP stays in the black-IP cache: after one CC hit the IP is
-- put into black_ip_in_cache and cached for 600s.
config_black_ip_cache = "600"
-- Enable/disable URL filtering.
config_url_check = "on"
-- Enable/disable URL argument (query parameter) filtering.
config_url_args_check = "on"
-- Enable/disable User-Agent filtering.
config_user_agent_check = "on"
-- Enable/disable cookie filtering.
config_cookie_check = "on"
-- Enable/disable CC (request flood) defence.
config_cc_check = "on"
-- CC rate limit, written as "<count>/<seconds>" per the original note ("the xxx of xxx seconds").
-- NOTE(review): the original note described a single IP being allowed 10 requests in
-- 60 seconds, which does not match the value below; read as count/seconds, "100/10"
-- would mean 100 requests per 10 seconds - confirm against the code that parses it.
config_cc_rate = "100/10"
-- Enable/disable POST body filtering.
config_post_check = "on"
-- What a blocked request receives: a redirect to a URL, or an HTML page.
config_waf_output = "html"
-- Redirect target, used when config_waf_output selects the redirect mode
-- (presumably the value "redirect" - confirm against the consumer).
-- NOTE(review): this is a plain-http URL on a third-party site; if redirect mode is
-- ever enabled, point it at an https page you operate.
config_waf_redirect_url = "http://www.baidu.com"
-- HTML page returned to a blocked request when config_waf_output is "html"
-- (presumably - the code that emits it is not shown).
config_output_html=[[
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Language" content="zh-cn" />
<title>waf block info</title>
</head>
<body>
<p align="center"> Your behavior is considered unsafe by the system and has been blocked</p>
</body>
</html>
]]