Refine security patterns: reduce false positives in null byte detection and expand RFI protocol coverage

Co-authored-by: fuomag9 <1580624+fuomag9@users.noreply.github.com>
copilot-swe-agent[bot]
2025-09-19 16:55:43 +00:00
parent dd2e443da6
commit 2185b8244c


@@ -52,7 +52,7 @@ if ($block_sql_injections = 1) {
set $block_file_injections 0;
# Remote file inclusion
if ($query_string ~ "[a-zA-Z0-9_]=(https?|ftp|ftps)://") {
if ($query_string ~ "[a-zA-Z0-9_]=(https?|ftp|ftps|file|data|php|expect|gopher)://") {
set $block_file_injections 1;
}
@@ -84,8 +84,8 @@ if ($query_string ~ "(\/etc\/passwd)|(\/etc\/shadow)|(\/etc\/hosts)") {
set $block_file_injections 1;
}
# Null bytes and encoding attacks
if ($query_string ~ "(%00|%0a|%0d|%09|%20$)") {
# Null bytes and dangerous encoding attacks
if ($query_string ~ "(%00|%0a%0d|%0d%0a)") {
set $block_file_injections 1;
}
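Review bot: The rewritten check `if ($query_string ~ "(%00|%0a%0d|%0d%0a)")` matches only lowercase hex digits because nginx's `~` operator is case-sensitive, while percent-encoding is case-insensitive and RFC 3986 encoders normally emit uppercase, so `%0D%0A` slips past the new pattern; the operator should be `~*`, i.e. `if ($query_string ~* "(%00|%0a%0d|%0d%0a)") {`. The same point applies to the RFI scheme list in the first hunk (`~ "[a-zA-Z0-9_]=(https?|ftp|ftps|file|data|php|expect|gopher)://"`), since URI scheme names are case-insensitive as well. Dropping the standalone `%0a` and `%0d` alternatives also means a single encoded line break now passes the filter, which goes beyond removing the `%09` and `%20$` false positives the title describes; if that is intended, the comment should say so, e.g. `# Block null bytes and encoded CRLF pairs; a lone %0a/%0d is allowed to limit false positives`. Both `if` blocks are complete within their hunks, but the enclosing block opened by `if ($block_sql_injections = 1)` in the first hunk header starts and ends outside the view.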