1、安装pcre
# Build prerequisites for OpenResty: PCRE, OpenSSL and zlib (runtime + headers).
yum -y install \
  pcre-devel \
  openssl openssl-devel \
  zlib zlib-devel
2、安装 openResty
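# Fetch, build and install OpenResty from source under /usr/local.
cd /usr/local/
wget https://openresty.org/download/openresty-1.11.2.2.tar.gz
# Verify the tarball before building and installing it as root: fetch the
# detached PGP signature published next to the release and check it. Import
# the OpenResty release key (<openresty-release-key-id>, placeholder) first,
# and stop here if gpg does not report a good signature.
wget https://openresty.org/download/openresty-1.11.2.2.tar.gz.asc
gpg --verify openresty-1.11.2.2.tar.gz.asc openresty-1.11.2.2.tar.gz
tar xf openresty-1.11.2.2.tar.gz
cd openresty-1.11.2.2
./configure
gmake && gmake install
# NOTE(review): 1.11.2.2 is the release this walkthrough was written against.
# For a real deployment, build a currently supported OpenResty release; old
# releases no longer receive security fixes.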
建立用户www,供nginx使用
# Unprivileged service account for the nginx workers:
#   -M                no home directory
#   -s /sbin/nologin  no interactive login shell
useradd -M -s /sbin/nologin www
3、配置nginx
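vim /usr/local/openresty/nginx/conf/nginx.conf

# ---- contents of nginx.conf ----
# Workers drop to the unprivileged "www" account; only the master stays root.
user www;
worker_processes 1;

events {
    worker_connections 1024;
}

http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;

    server {
        listen 80;
        server_name localhost;

        location / {
            default_type text/html;
            # Smoke test only: proves the Lua module is compiled in and running.
            content_by_lua_block {
                ngx.say("Hello World!");
            }
        }
    }
}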
保存配置文件,启动nginx
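# Put the OpenResty nginx binary on PATH.
ln -s /usr/local/openresty/nginx/sbin/nginx /usr/sbin/nginx
# Validate the configuration before starting, so a typo is reported up front.
nginx -t
# Start nginx. (The note is a '#' comment: '//' is not a shell comment and
# would be passed to nginx as an argument.)
nginx
curl localhost
# prints: Hello World!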
4、下载ngx_lua_waf模块
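# Fetch the ngx_lua_waf rules and Lua code next to the nginx install.
cd /usr/local/openresty/nginx
git clone https://github.com/loveshell/ngx_lua_waf.git
# This Lua code is loaded into every nginx worker and sees every request, so
# treat it as part of the trusted code base: review it, then pin the checkout
# to the commit you reviewed instead of tracking whatever the default branch
# points at on the day of the clone.
# git -C ngx_lua_waf checkout <reviewed-commit-sha>   # placeholder value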
在nginx.conf的http块(http { ... })中添加
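# Goes inside the http { } block of nginx.conf.
# Lets the WAF's Lua files be found by require().
lua_package_path "/usr/local/openresty/nginx/ngx_lua_waf/?.lua";
# Shared-memory zone named "limit"; presumably the counter store for the
# CC (request-rate) check — confirm against init.lua.
lua_shared_dict limit 10m;
# Runs once in the master process at start/reload: loads config and rules.
init_by_lua_file /usr/local/openresty/nginx/ngx_lua_waf/init.lua;
# Runs in the access phase of every request: this is where requests get checked.
access_by_lua_file /usr/local/openresty/nginx/ngx_lua_waf/waf.lua;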
进入ngx_lua_waf安装目录,并修改config.lua
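-- ngx_lua_waf settings (config.lua). Paths must match the clone location.
-- A pattern-matching WAF is a defence-in-depth layer; it does not replace
-- input validation in the application behind it.

-- Directory holding the rule files.
RulePath = "/usr/local/openresty/nginx/ngx_lua_waf/wafconf/"
-- Record matched requests; logdir must exist and be writable by the nginx
-- worker user ("www" in this walkthrough).
attacklog = "on"
logdir = "/usr/local/openresty/nginx/logs/ngx_lua_waf/"
-- Check the request URL against the URL rules.
UrlDeny="on"
-- Answer a match with the block page below. NOTE(review): with this off,
-- matches are presumably only logged, not blocked — verify in init.lua.
Redirect="on"
-- Check cookies.
CookieMatch="on"
-- Check POST bodies.
postMatch="on"
-- Enable the URL whitelist.
whiteModule="on"
-- File extensions rejected in uploads.
black_fileExt={"php","jsp"}
-- Client IPs exempt from checking. NOTE(review): if nginx sits behind a local
-- proxy or load balancer, every request may appear to come from 127.0.0.1 and
-- would skip the WAF entirely — confirm how the client address is derived.
ipWhitelist={"127.0.0.1"}
-- Client IPs that are always refused.
ipBlocklist={"1.0.0.1"}
-- Request-rate (CC) protection is disabled here; CCrate only takes effect
-- once CCDeny is "on" (it relies on the "limit" lua_shared_dict).
CCDeny="off"
-- Rate as count/seconds: 100 requests per 60 seconds.
CCrate="100/60"
-- Body of the block page. Keep it generic so it does not reveal which rule hit.
html=[[go away!]]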
5、手动创建日志目录
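# Create the WAF log directory (must match logdir in config.lua).
cd /usr/local/openresty/nginx/logs
mkdir ngx_lua_waf
cd ../
# Least privilege: hand only the WAF log directory to the worker user, not the
# whole logs/ tree, so the worker account does not own nginx's other log files.
# 'www:www' is the current owner:group syntax; 'www.www' is a deprecated form.
chown -R www:www logs/ngx_lua_waf
# Attack logs record request URLs and User-Agent strings; keep them from
# being world-readable.
chmod 750 logs/ngx_lua_waf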
重新加载nginx配置
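# Validate the edited configuration first; reload only if the check passes,
# so a mistake in the new WAF directives is reported up front.
nginx -t && nginx -s reload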
6、测试(浏览器)
http://182.92.200.105/index.asp?id=../etc/passwd
结果:go away!
进入刚刚创建的日志目录,查看生成的日志
[root@iZ25l0m95piZ sbin]# cd /usr/local/openresty/nginx/logs/ngx_lua_waf/
[root@iZ25l0m95piZ ngx_lua_waf]# ls
localhost_2016-12-13_sec.log
[root@iZ25l0m95piZ ngx_lua_waf]# cat localhost_2016-12-13_sec.log
192.168.1.52 [2016-12-13 14:06:48] "GET localhost/index.asp?id=../etc/passwd" "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36" "/././"
192.168.1.52 [2016-12-13 14:16:17] "GET localhost/index.asp?id=../etc/passwd" "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36" "/././"
====>>>>END