Guide to using the "Block Exploits, SQL Injections" feature
Posted: 15 Jul 2018 17:09
This feature helps harden a website, improving its resistance to exploits and SQL injections.
Here is its config:
Code:
# Blocking HTTP POST Attack
# Status code returned when a limit_req zone (configured elsewhere) rejects a request.
# 444 is nginx-specific: the connection is closed without sending any response.
limit_req_status 444;
if ($args ~ CtrlFunc_* ) { return 444; }
# nginx "if" cannot combine two conditions, so two variables emulate
# "request is POST AND query string is exactly /": they become equal (1)
# only when both conditions hold.
set $my_var 0;
set $the_var 2;
if ($request_method = POST ) { set $my_var 1; }
if ($args = / ) { set $the_var 1; }
if ($my_var = $the_var ) { return 444; }
# from
# http://www.howtoforge.com/nginx-how-to-block-exploits-sql-injections-file-injections-spam-user-agents-etc
## Block SQL injections
## Note: "~" is a case-sensitive regex match in nginx; "~*" matches regardless of case.
set $block_sql_injections 0;
if ($query_string ~ "union.*select.*\(") {
set $block_sql_injections 1;
}
if ($query_string ~ "union.*all.*select.*") {
set $block_sql_injections 1;
}
if ($query_string ~ "concat.*\(") {
set $block_sql_injections 1;
}
if ($block_sql_injections = 1) {
return 403;
}
## Block file injections
set $block_file_injections 0;
if ($query_string ~ "[a-zA-Z0-9_]=http://") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") {
set $block_file_injections 1;
}
if ($block_file_injections = 1) {
return 403;
}
## Block common exploits
set $block_common_exploits 0;
if ($query_string ~ "(<|%3C).*script.*(>|%3E)") {
set $block_common_exploits 1;
}
if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "proc/self/environ") {
set $block_common_exploits 1;
}
if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") {
set $block_common_exploits 1;
}
if ($query_string ~ "base64_(en|de)code\(.*\)") {
set $block_common_exploits 1;
}
if ($block_common_exploits = 1) {
return 403;
}
## Block spam
set $block_spam 0;
if ($query_string ~ "\b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b") {
set $block_spam 1;
}
if ($query_string ~ "\b(erections|hoodia|huronriveracres|impotence|levitra|libido)\b") {
set $block_spam 1;
}
if ($query_string ~ "\b(ambien|blue\spill|cialis|cocaine|ejaculation|erectile)\b") {
set $block_spam 1;
}
if ($query_string ~ "\b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)\b") {
set $block_spam 1;
}
if ($block_spam = 1) {
return 403;
}
## Block user agents
set $block_user_agents 0;
# Don't disable wget if you need it to run cron jobs!
#if ($http_user_agent ~ "Wget") {
# set $block_user_agents 1;
#}
# Disable Akeeba Remote Control 2.5 and earlier
if ($http_user_agent ~ "Indy Library") {
set $block_user_agents 1;
}
# Common bandwidth hoggers and hacking tools.
if ($http_user_agent ~ "libwww-perl") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetRight") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetWeb!") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go!Zilla") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Download Demon") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go-Ahead-Got-It") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "TurnitinBot") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GrabNet") {
set $block_user_agents 1;
}
if ($block_user_agents = 1) {
return 403;
}
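Before editing /etc/nginx/conf/block.conf it helps to know what the regexes above actually match, and what they refuse that a real site may need. The following Python script is an added example, not part of the original post or of VPSSIM: it parses an embedded excerpt of the rules above, evaluates constructed query strings against them the way nginx's `if ($query_string ~ ...)` does (an unanchored search over the raw, still URL-encoded query string), shows a false positive (a redirect parameter carrying an http:// URL is refused with 403), and shows the case-sensitivity limit of the `~` operator next to the `~*` form that removes it. The rule excerpt and the sample query strings are constructed for the demonstration.

```python
import re

# Constructed excerpt of the block.conf rule set documented above. It is embedded as a
# string so the script runs offline; nothing is read from /etc/nginx/conf/block.conf.
BLOCK_CONF = r'''
## Block SQL injections
set $block_sql_injections 0;
if ($query_string ~ "union.*select.*\(") {
set $block_sql_injections 1;
}
if ($query_string ~ "union.*all.*select.*") {
set $block_sql_injections 1;
}
if ($query_string ~ "concat.*\(") {
set $block_sql_injections 1;
}
## Block file injections
set $block_file_injections 0;
if ($query_string ~ "[a-zA-Z0-9_]=http://") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") {
set $block_file_injections 1;
}
## Block common exploits
set $block_common_exploits 0;
if ($query_string ~ "(<|%3C).*script.*(>|%3E)") {
set $block_common_exploits 1;
}
if ($query_string ~ "proc/self/environ") {
set $block_common_exploits 1;
}
## Block spam
set $block_spam 0;
if ($query_string ~ "\b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b") {
set $block_spam 1;
}
'''

# One rule = `if ($query_string ~ "<regex>") { set $<group> 1; }`.
# The optional `*` after `~` is nginx's case-insensitive match operator.
RULE_RE = re.compile(r'if \(\$query_string ~(\*?) "([^"]+)"\)\s*\{\s*set \$(\w+) 1;')


def load_rules(conf):
    """Compile every $query_string rule in the config into (group, regex) pairs, in
    file order. nginx uses PCRE; these patterns are simple enough that Python's re
    engine gives the same answers."""
    rules = []
    for op, pattern, group in RULE_RE.findall(conf):
        flags = re.IGNORECASE if op == "*" else 0
        rules.append((group, re.compile(pattern, flags)))
    return rules


def evaluate(query_string, rules):
    """Return the first blocking group whose regex matches the raw, still URL-encoded
    query string (nginx does not decode $query_string), or None if it would pass."""
    for group, rx in rules:
        if rx.search(query_string):
            return group
    return None


# Constructed sample query strings: what a defender wants to confirm before enabling
# the rules on a real site, including a legitimate request the rules reject.
SAMPLES = {
    "id=1&name=Alice": None,                           # ordinary request passes
    "q=viagra%20prices": "block_spam",                 # spam keyword hit
    "file=../../etc/passwd": "block_file_injections",  # directory traversal shape
    "path=proc/self/environ": "block_common_exploits",
    "s=%3Cscript%3Ealert(1)%3C/script%3E": "block_common_exploits",
    # False positive: any parameter whose value starts with http:// (a redirect
    # target, a feed URL, an OAuth return address) is refused with 403.
    "redirect=http://example.com/after-login": "block_file_injections",
}


def check_samples(conf=BLOCK_CONF):
    """Evaluate every sample and return {query_string: group_or_None}."""
    rules = load_rules(conf)
    return {qs: evaluate(qs, rules) for qs in SAMPLES}


def case_sensitivity_gap(conf=BLOCK_CONF):
    """The documented rules use `~`, which is case-sensitive, so a query string that
    differs from the pattern only in letter case is not caught. Rewriting the operator
    as `~*` (nginx's case-insensitive match) closes that gap. Returns the verdict
    under both operators as (as_written, case_insensitive)."""
    probe = "id=1+UNION+ALL+SELECT+1"
    as_written = evaluate(probe, load_rules(conf))
    case_insensitive = evaluate(probe, load_rules(conf.replace('~ "', '~* "')))
    return as_written, case_insensitive


if __name__ == "__main__":
    for qs, verdict in check_samples().items():
        print(f"{qs!r:45} -> {verdict or 'pass'}")
    print("UNION probe with ~ / ~*:", case_sensitivity_gap())
```

Run it with `python3 check_block_conf.py`; the last line prints `(None, 'block_sql_injections')`, i.e. the same request passes under the rules as shipped and is blocked once the operator is `~*`. When you adapt the real block.conf, test the rules against your own legitimate URLs the same way, because a 403 on a redirect or feed parameter is a silent outage rather than a security win.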
You can edit this content in: /etc/nginx/conf/block.conf
Feature path: VPSSIM menu ==> Server & Website Security ==> Block Exploits, SQL Injections ==> BAT/TAT [Block Exploits, SQL Injections]
How to use:
I'll enable this feature for oanh.com:
=========================================================================
VPSSIM - Quan Ly VPS/Server by HostingAZ.VN
=========================================================================
Bao Mat Server & Website
=========================================================================
1) User & Password Mac Dinh          6) Thay Doi Port SSH Number
2) Quan Ly CSF Firewall              7) Dat Mat Khau Bao Ve Folder
3) Quan Ly IPtables Firewall         8) Block Exploits, SQL Injections
4) Linux Malware Detect & ClamAV     9) BAT/TAT Email Thong Bao Login
5) Check & Block IP DOS              10) Thay Password Account Root
Lua chon cua ban (0-Thoat): 8
=========================================================================
1) BAT/TAT [Block Exploits, SQL Injections]
2) List Website BAT [Block Exploits, SQL Injections]
Lua chon cua ban (0-Thoat): 1
=========================================================================
Chuc nang nay de BAT/TAT [Block Exploits, SQL Injections] cho Website
-------------------------------------------------------------------------
Edit rules tai: /etc/nginx/conf/block.conf
=========================================================================
Ban muon xem danh sach website tren server ? [y/N]
=========================================================================
Nhap ten website: oanh.com
=========================================================================
oanh.com hien tai dang TAT [Block Exploits, SQL Injections]
-------------------------------------------------------------------------
Ban muon BAT chuc nang nay ? [y/N] y
Result:
=========================================================================
BAT [Block Exploits, SQL Injections] cho oanh.com thanh cong !
=========================================================================
VPSSIM - Quan Ly VPS/Server by HostingAZ.VN
=========================================================================
Bao Mat Server & Website
=========================================================================
1) User & Password Mac Dinh          6) Thay Doi Port SSH Number
2) Quan Ly CSF Firewall              7) Dat Mat Khau Bao Ve Folder
3) Quan Ly IPtables Firewall         8) Block Exploits, SQL Injections
4) Linux Malware Detect & ClamAV     9) BAT/TAT Email Thong Bao Login
5) Check & Block IP DOS              10) Thay Password Account Root
Lua chon cua ban (0-Thoat):
To view the list of websites that have this feature enabled:
=========================================================================
VPSSIM - Quan Ly VPS/Server by HostingAZ.VN
=========================================================================
Bao Mat Server & Website
=========================================================================
1) User & Password Mac Dinh          6) Thay Doi Port SSH Number
2) Quan Ly CSF Firewall              7) Dat Mat Khau Bao Ve Folder
3) Quan Ly IPtables Firewall         8) Block Exploits, SQL Injections
4) Linux Malware Detect & ClamAV     9) BAT/TAT Email Thong Bao Login
5) Check & Block IP DOS              10) Thay Password Account Root
Lua chon cua ban (0-Thoat): 8
=========================================================================
1) BAT/TAT [Block Exploits, SQL Injections]
2) List Website BAT [Block Exploits, SQL Injections]
Lua chon cua ban (0-Thoat): 2
Result:
=========================================================================
Website on server: 6
-------------------------------------------------------------------------
Website ENABLED [Block Exploits, SQL Injections]: 1
-------------------------------------------------------------------------
oanh.com
=========================================================================
VPSSIM - Quan Ly VPS/Server by HostingAZ.VN
=========================================================================
Bao Mat Server & Website
=========================================================================
1) User & Password Mac Dinh          6) Thay Doi Port SSH Number
2) Quan Ly CSF Firewall              7) Dat Mat Khau Bao Ve Folder
3) Quan Ly IPtables Firewall         8) Block Exploits, SQL Injections
4) Linux Malware Detect & ClamAV     9) BAT/TAT Email Thong Bao Login
5) Check & Block IP DOS              10) Thay Password Account Root
Lua chon cua ban (0-Thoat):