Nginx Configuration to block SQL Injection and similar attacks
# Drop these rules into the server {} block ahead of the application's own
# "location ~ \.php$" style blocks: nginx tests regex locations in file order
# and the first match wins, so a denied request never reaches the app.
# Each regex is tested against the normalised request path only (percent-
# decoded once, "." and ".." resolved, query string removed); query strings,
# headers and request bodies are not inspected by any rule here.
location ~* "(eval\()" { deny all; }                     # PHP eval() call in the path
location ~* "(127\.0\.0\.1)" { deny all; }               # loopback address in the path
location ~* "([a-z0-9]{2000})" { deny all; }             # 2000-character alphanumeric run
location ~* "(javascript\:)(.*)(\;)" { deny all; }       # javascript: URI payloads
location ~* "(base64_encode)(.*)(\()" { deny all; }      # encoded PHP payloads
location ~* "(GLOBALS|REQUEST)(=|\[|%)" { deny all; }    # PHP superglobal tampering
location ~* "(<|%3C).*script.*(>|%3E)" { deny all; }     # <script> tags, plain or double-encoded
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" { deny all; }  # traversal and shell metacharacters
location ~* "(boot\.ini|etc/passwd|self/environ)" { deny all; }        # local file inclusion targets
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" { deny all; }  # TimThumb-style scripts
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" { deny all; }  # quote followed by an SQL keyword
location ~* "(https?|ftp|php):/" { deny all; }           # remote URL or php:// wrapper in the path
location ~* "(=\\\'|=\\%27|/\\\'/?)\." { deny all; }     # escaped quote before a dot
# Path ending in $, *, ", ., comma, & or "&amp". Leave "&amp;?" exactly as
# written: if the entity is decoded to "&" while copying, the alternative
# "&?" matches the empty string and every URI ending in "/" (the site root
# included) is denied with 403.
location ~* "/(\$(\&)?|\*|\"|\.|,|&|&amp;?)/?$" { deny all; }
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" { deny all; }  # template and repeat-character junk
# Broadest rule: also denies legitimate paths that contain ":" or ";"
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" { deny all; }
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { deny all; }   # config files and known probe strings
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" { deny all; }   # FrontPage, scanner and LFI signatures
location ~* "\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" { deny all; }   # backup, dump and VCS file extensions
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" { deny all; }   # webshell and probe script names

nsgoyat commented Mar 28, 2018

When I use it, my WP site doesn't open and reflects a Nginx 403 Forbidden error.


nsgoyat commented Mar 28, 2018

Update: I tried putting each line, restarting nginx, and opening the site one by one. This line "location ~* "/(\$(\&)?|\*|\"|\.|,|&|&?)/?$" { deny all; }" seems to be causing the issue.


AmibeWebsites commented Nov 10, 2018

Hi, would it be possible to have an explanation for each rule stating what kind of attack it's protecting and which are specific to a VirtualBox environment? Thank you.
