前言:
当前大家对“html非法字符”可能比较关怀,各位老铁们都想要分析一些“html非法字符”的相关内容。那么小编也在网络上收集了一些有关“html非法字符””的相关内容,希望咱们能喜欢,咱们一起来了解一下吧!## nginx 拦截非法字符,nginx禁止url访问特定字符,nginx过滤url访问
参考代码一
#前缀为无限,后面的精准屏蔽字符 123if ($request_uri ~* "123") {return 403 "I've recorded your ip Wait to check the water meter";}
参考代码二
#前缀为index.php,后面的精准屏蔽字符 123if ($request_uri ~* "/index.php\123") {return 403 "I've recorded your ip Wait to check the water meter";}
参考代码三
location / {# 当访问的url中含有/%#时返回404if ($request_uri ~* "/%#") {return 404;}#当访问url的后面带有?的链接 返回404if ($request_uri ~* ^/a/m/(.*)\.html\?(.*)$) {return 404;}}
注释:
过滤链接中的?在nginx的配置文件中写入
location / {# 当访问的url中含有/%#时返回404if ($request_uri ~* "/%#") {return 404;}#
当访问url的后面带有?的链接 返回404if ($request_uri ~*^/a/m/(.*)\.html\?(.*)$) {return 404;
nginx 正则表达式
=开头表示精确匹配,如 A 中只匹配根目录结尾的请求,后面不能带任何字符串。
^~ 开头表示uri以某个常规字符串开头,不是正则匹配
~ 开头表示区分大小写的正则匹配;
~* 开头表示不区分大小写的正则匹配
.* .匹配任意字符,*匹配数量0到正无穷;
\. \转义,匹配.
/ 通用匹配, 如果没有其它匹配,任何请求都会匹配到
本站测试代码,小白一键复制(注:需要自行根据网站程序定义)
宝塔为例:/www/server/panel/vhost/nginx/你的网站域名.conf,复制代码点击保存
#前缀为无限,后面的是屏蔽字符if ($request_uri ~* "../../../../../../") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为无限,后面的是屏蔽字符if ($request_uri ~* ";") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为无限,后面的是屏蔽字符if ($request_uri ~* "&") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为无限,后面的是屏蔽字符if ($request_uri ~* "base64") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\&") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\?") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\;") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\=") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\=") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\_") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\./") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\:") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\base64") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\%") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\wp-content") {return 403 "I've recorded your ip Wait to check the water meter";}#前缀为index.php屏蔽,后面的是屏蔽字符if ($request_uri ~* "/index.php\;amp") {return 403 "I've recorded your ip Wait to check the water meter";}
## 附带:nginx ql语句过滤、文件注入禁止、溢出攻击过滤、spam字段过滤、user-agents头过滤
sql语句过滤
if ($request_uri ~* "(cost\()|(concat\()") {return 444;}if ($request_uri ~* "[+|(%20)]union[+|(%20)]") {return 444;}if ($request_uri ~* "[+|(%20)]and[+|(%20)]") {return 444;}if ($request_uri ~* "[+|(%20)]select[+|(%20)]") {return 444;}
文件注入禁止
set $block_file_injections 0;if ($query_string ~ “[a-zA-Z0-9_]=http://”) {set $block_file_injections 1;}if ($query_string ~ “[a-zA-Z0-9_]=(\.\.//?)+”) {set $block_file_injections 1;}if ($query_string ~ “[a-zA-Z0-9_]=/([a-z0-9_.]//?)+”) {set $block_file_injections 1;}if ($block_file_injections = 1) {return 444;}
溢出攻击过滤
set $block_common_exploits 0;if ($query_string ~ “(<|%3C).*script.*(>|%3E)”) {set $block_common_exploits 1;}if ($query_string ~ “GLOBALS(=|\[|\%[0-9A-Z]{0,2})”) {set $block_common_exploits 1;}if ($query_string ~ “_REQUEST(=|\[|\%[0-9A-Z]{0,2})”) {set $block_common_exploits 1;}if ($query_string ~ “proc/self/environ”) {set $block_common_exploits 1;}if ($query_string ~ “mosConfig_[a-zA-Z_]{1,21}(=|\%3D)”) {set $block_common_exploits 1;}if ($query_string ~ “base64_(en|de)code\(.*\)”) {set $block_common_exploits 1;}if ($block_common_exploits = 1) {return 444;}
spam字段过滤
set $block_spam 0;if ($query_string ~ “\b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b”) {set $block_spam 1;}if ($query_string ~ “\b(erections|hoodia|huronriveracres|impotence|levitra|libido)\b”) {set $block_spam 1;}if ($query_string ~ “\b(ambien|blue\spill|cialis|cocaine|ejaculation|erectile)\b”) {set $block_spam 1;}if ($query_string ~ “\b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)\b”) {set $block_spam 1;}if ($block_spam = 1) {return 444;}
user-agents头过滤
set $block_user_agents 0;if ($http_user_agent ~ “Wget”) {set $block_user_agents 1;}# Disable Akeeba Remote Control 2.5 and earlierif ($http_user_agent ~ “Indy Library”) {set $block_user_agents 1;}# Common bandwidth hoggers and hacking tools.if ($http_user_agent ~ “libwww-perl”) {set $block_user_agents 1;}if ($http_user_agent ~ “GetRight”) {set $block_user_agents 1;}if ($http_user_agent ~ “GetWeb!”) {set $block_user_agents 1;}if ($http_user_agent ~ “Go!Zilla”) {set $block_user_agents 1;}if ($http_user_agent ~ “Download Demon”) {set $block_user_agents 1;}if ($http_user_agent ~ “Go-Ahead-Got-It”) {set $block_user_agents 1;}if ($http_user_agent ~ “TurnitinBot”) {set $block_user_agents 1;}if ($http_user_agent ~ “GrabNet”) {set $block_user_agents 1;}if ($block_user_agents = 1) {return 444;}}
自动防护
if ($request_uri ~* \.(htm|do)\?(.*)$) {set $req $2;}if ($req ~* "(cost\()|(concat\()") {return 503;}if ($req ~* "union[+|(%20)]") {return 503;}if ($req ~* "and[+|(%20)]") {return 503;}if ($req ~* "select[+|(%20)]") {return 503;}
注:使用上也需要进行相应的调整
标签: #html非法字符 #nginx禁止访问以php结尾的文件