@dustyfresh
Last active March 14, 2023 06:07
nginx rule to mitigate DoS attack on WordPress load-scripts.php
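# https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
# https://wpvulndb.com/vulnerabilities/9021
# Drop requests to load-scripts.php whose query string is 1024 characters or longer.
# nginx handles a request in exactly one location: if this block wins over the
# site's PHP location, repeat the PHP handler directives here so that requests
# under the limit still reach PHP.
location ~* ^/wp-admin/load-scripts\.php$ {
    if ($query_string ~* "^.{1024,}$") {
        # 444: nginx closes the connection without sending a response
        return 444;
    }
}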
joetek commented Feb 6, 2018

Thanks for sharing. Might want to also mitigate load-styles.php, as it has the same issues.
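
An added example (not part of the gist or of the comment above): a log check that applies the rule's 1024-character threshold to nginx access-log lines for both load-scripts.php and load-styles.php, and records whether each oversized request was answered with 444. It assumes the default combined log format; the `scan` function name and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Same threshold as the nginx rule: query strings of 1024+ characters.
MAX_QUERY_LEN = 1024
# Case-insensitive like the rule's "~*"; load-styles.php added per the comment.
TARGETS = re.compile(r"^/wp-admin/load-(?:scripts|styles)\.php$", re.IGNORECASE)
# Combined format: ip - user [time] "METHOD uri PROTO" status bytes ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')


def scan(lines):
    """Return (hits, per_ip) for oversized requests to the two endpoints."""
    hits, per_ip = [], Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        ip, _method, uri, status = m.groups()
        # The log holds the raw request URI; split path and query by hand.
        path, _, query = uri.partition("?")
        if not TARGETS.match(path) or len(query) < MAX_QUERY_LEN:
            continue
        hits.append({
            "ip": ip,
            "path": path,
            "query_len": len(query),
            "blocked": status == "444",  # 444 is what the rule returns
        })
        per_ip[ip] += 1
    return hits, per_ip


# Constructed sample input: documentation IPs and made-up query values.
_long_q = "c=1&load%5B%5D=" + ",".join(["x"] * 600)
SAMPLE = [
    f'203.0.113.5 - - [06/Feb/2018:10:00:00 +0000] "GET /wp-admin/load-scripts.php?{_long_q} HTTP/1.1" 444 0 "-" "-"',
    f'203.0.113.5 - - [06/Feb/2018:10:00:01 +0000] "GET /wp-admin/load-styles.php?{_long_q} HTTP/1.1" 200 51234 "-" "-"',
    '198.51.100.7 - - [06/Feb/2018:10:00:02 +0000] "GET /wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-core HTTP/1.1" 200 9876 "-" "-"',
]

if __name__ == "__main__":
    found, counts = scan(SAMPLE)
    for hit in found:
        state = "blocked" if hit["blocked"] else "NOT blocked"
        print(f'{hit["ip"]} {hit["path"]} query_len={hit["query_len"]} {state}')
    print(dict(counts))
```

Oversized requests that show a status other than 444 point at an endpoint the location block does not cover, or at a server where the rule is not active.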