Skip to content

Instantly share code, notes, and snippets.

@johnhpatton
Created December 13, 2021 11:17
Show Gist options
  • Save johnhpatton/8b32ebb01123d65c5b13c0385698816d to your computer and use it in GitHub Desktop.
Save johnhpatton/8b32ebb01123d65c5b13c0385698816d to your computer and use it in GitHub Desktop.
Nginx + Lua to mitigate CVE-2021-44228
# /etc/nginx/conf.d/lua.conf
# GLOBAL LUA -- HTTP BLOCK LEVEL
# Lua locations
# $prefix is the server prefix ( -p {server_prefix} ) passed in
# to nginx at startup, or the default build prefix (/etc/nginx/).
lua_package_path "${prefix}conf.d/?.lua;/usr/local/lib/lua/?.lua;;";
lua_package_cpath "/usr/lib64/lua/5.1/?.so;;";
# Disable logging cosocket lua TCP socket read timeout.
lua_socket_log_errors off;
# initialize lua globals
init_by_lua_block {
cve_2021_44228 = require("cve_2021_44228")
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment