Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
nginx rule to mitigate DoS attack on WordPress load-scripts.php
# https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
# https://wpvulndb.com/vulnerabilities/9021
location ~* ^/wp-admin/load-scripts\.php$ {
if ( $query_string ~* "^.{1024,}$" ) {
return 444;
}
}
@joetek

This comment has been minimized.

Show comment
Hide comment
@joetek

joetek Feb 6, 2018

Thanks for sharing. Might want to also mitigate load-styles.php, as it has the same issues.

joetek commented Feb 6, 2018

Thanks for sharing. Might want to also mitigate load-styles.php, as it has the same issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment