How to block these requests with http:// in the params?

Shri @ DevLib.Org shri at devlib.org
Tue Nov 24 11:17:51 MSK 2009


Thanks Igor, was not aware of the args variable.

Regards,
Shri

----- Original Message ----- 
From: "Igor Sysoev" <igor at sysoev.ru>
To: <nginx at nginx.org>
Sent: Tuesday, November 24, 2009 4:12 PM
Subject: Re: How to block these requests with http:// in the params?


> On Tue, Nov 24, 2009 at 02:41:04PM +0800, Shri @ DevLib.Org wrote:
>
>> How would I go about blocking requests which try to exploit application / 
>> php flaws?
>>
>> One in particular is ... of the form 
>> http://www.domain.com/search.php?searchterm=http://217.218.xxx.x/abc.php
>>
>> I'd like to block all requests which have a param that begins with 
>> http:// (searchterm in the above case).
>>
>> Can this be done at a server level?
>
>     server {
>
>         if ($arg_searchterm ~ ^http://) {
>             return 403;
>         }
>
> or for any parameter name:
>
>         if ($args ~ =http://) {
>             return 403;
>         }
>
>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
>
> 
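Added example, not part of the thread or of nginx: a small regression check that runs the `$args` rule quoted above against constructed query strings, next to an assumed hardened pattern. It models nginx's `~` as a case-sensitive search over the raw, undecoded query string; the sample strings, the hardened regex and the decision to treat `https://` the same way are assumptions of this example.

```python
import re

# Igor's "any parameter" rule. nginx "~" is a case-sensitive regex match and
# $args is the raw query string, so percent-encoding is not decoded first.
RULE_FROM_THREAD = re.compile(r"=http://")

# Assumed hardened variant (not from the thread): case-insensitive like nginx
# "~*", anchored to the start of a parameter value, accepts percent-encoded
# ":" and "/", and also covers https:// (an assumption of this example).
RULE_HARDENED = re.compile(
    r"(?:^|&)[^=&]*=https?(?::|%3a)(?:/|%2f){2}", re.IGNORECASE
)

# Constructed query strings (192.0.2.10 is a documentation address) paired
# with whether a "value begins with a URL" policy should reject them.
SAMPLES = [
    ("searchterm=http://192.0.2.10/abc.php", True),
    ("searchterm=HTTP://192.0.2.10/abc.php", True),
    ("searchterm=http%3A%2F%2F192.0.2.10%2Fabc.php", True),
    ("page=2&searchterm=https://192.0.2.10/abc.php", True),
    ("searchterm=nginx+http+module", False),
    ("searchterm=docs+at+http://example.org/", False),
]


def blocked(rule, args):
    """True if nginx would take the `return 403` branch for this $args."""
    return rule.search(args) is not None


def misses(rule):
    """Samples where the rule's decision differs from the policy."""
    return [args for args, want in SAMPLES if blocked(rule, args) != want]


if __name__ == "__main__":
    for name, rule in (("thread", RULE_FROM_THREAD), ("hardened", RULE_HARDENED)):
        print(name, "disagrees on:", misses(rule) or "nothing")
```

In an nginx `if ($args ~* "...")` the hardened pattern has to be written in quotes because it contains braces.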




