Skip to content

Instantly share code, notes, and snippets.

@johnhpatton
Created December 13, 2021 17:22
Show Gist options
  • Save johnhpatton/ce0699973cef08c796ed5f02b6ff8673 to your computer and use it in GitHub Desktop.
Save johnhpatton/ce0699973cef08c796ed5f02b6ff8673 to your computer and use it in GitHub Desktop.
Nginx + Lua to mitigate CVE-2021-44228
# /etc/nginx/conf.d/default.conf
server {
listen 80 default_server;
server_name localhost;
set $captured_request_headers "";
set $captured_request_body "";
set $cve_2021_44228_log "";
rewrite_by_lua_block {
cve_2021_44228.block_cve_2021_44228()
}
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment