Welcome! Log In Create A New Profile

Re: How to block these requests with http:// in the params?

Forum List Message List New Topic Print View

Shri @ DevLib.Org

November 24, 2009 03:24AM

Thanks Igor, was not aware of the args variable.

Regards,
Shri

----- Original Message -----
From: "Igor Sysoev" <igor@sysoev.ru>
To: <nginx@nginx.org>
Sent: Tuesday, November 24, 2009 4:12 PM
Subject: Re: How to block these requests with http:// in the params?

> On Tue, Nov 24, 2009 at 02:41:04PM +0800, Shri @ DevLib.Org wrote:
>
>> How would I go about blocking requests which try to exploit application /
>> php flaws?
>>
>> One in particular is ... of the form
>> http://www.domain.com/search.php?searchterm=http://217.218.xxx.x/abc.php
>>
>> I'd like to block all requests which have a param that begins with
>> http:// (searchterm in the above case).
>>
>> Can this be done at a server level?
>
> server {
>
> if ($arg_searchterm ~ ^http://) {
> return 403;
> }
>
> or for any paramter name:
>
> if ($args ~ =http://) {
> return 403;
> }
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
How to block these requests with http:// in the params?	Shri @ DevLib.Org	November 24, 2009 01:46AM
Re: How to block these requests with http:// in the params?	Igor Sysoev	November 24, 2009 03:20AM
Re: How to block these requests with http:// in the params?	Shri @ DevLib.Org	November 24, 2009 03:24AM
Re: How to block these requests with http:// in the params?	packetloss	November 28, 2009 02:20AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 258

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018