mirror of
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git
synced 2026-05-01 21:30:16 +00:00
Test GHA [ci skip]
This commit is contained in:
Mitchell Krog
parent
517296007a
commit
867894b483
447 changed files with 336888 additions and 0 deletions
92
dev-tools/test5_conf_files/bots.d/bad-referrer-words.conf
Normal file
92
dev-tools/test5_conf_files/bots.d/bad-referrer-words.conf
Normal file
|
|
@ -0,0 +1,92 @@
|
|||
# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ###
|
||||
|
||||
# VERSION INFORMATION #
|
||||
#----------------------
|
||||
# Version: V4.2019.11
|
||||
# Updated: 2019-07-05
|
||||
#----------------------
|
||||
# VERSION INFORMATION #
|
||||
|
||||
##############################################################################
|
||||
# _ __ _ #
|
||||
# / |/ /__ _(_)__ __ __ #
|
||||
# / / _ `/ / _ \\ \ / #
|
||||
# /_/|_/\_, /_/_//_/_\_\ #
|
||||
# __/___/ __ ___ __ ___ __ __ #
|
||||
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
|
||||
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
|
||||
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
|
||||
# #
|
||||
##############################################################################
|
||||
|
||||
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
|
||||
# This file must exist on your system or Nginx will fail a reload due to a missing file
|
||||
# For all intensive purpose you can delete everything inside this file and leave it
|
||||
# completely blank if you do not want your Nginx Blocker to include scanning for bad words within urls or referrer string
|
||||
# Only add one entry per line
|
||||
|
||||
# -------------------------------
|
||||
# !!! WARNING WARNING WARNING !!!
|
||||
# -------------------------------
|
||||
|
||||
# ---------------------------------------
|
||||
# PLEASE BE VERY CAREFUL HOW YOU USE THIS
|
||||
# ---------------------------------------
|
||||
# Here is an example of how one supposed bad word can cause your whole site to go down.
|
||||
# An issue was logged where the users own domain name was specialisteparquet.com
|
||||
# Because this list contained the word "cialis" it was detected within his domain name causing
|
||||
# his entire site to go down and not server any assets.
|
||||
# That one entry would even cause any site containing a word like "specialist" anywhere in any
|
||||
# of their sites pages to cause them to be blocked and whitelisting your own domain name in the
|
||||
# whitelist-domains.conf file will not even bypass this, SO BE CAREFUL PLEASE
|
||||
|
||||
# Think very carefully before you add any word here
|
||||
|
||||
# -----------------------------------------------------------------------------------------
|
||||
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
|
||||
# -----------------------------------------------------------------------------------------
|
||||
|
||||
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
|
||||
|
||||
# As you can see in the examples below the word "adultgalls" is entered with a preceding (?:\b) and an ending (?:\b)
|
||||
# this makes it now "(?:\b)adultgalls(?:\b)". It is crucial to use the word boundaries regex formatting.
|
||||
|
||||
# ---------
|
||||
# EXAMPLES:
|
||||
# ---------
|
||||
# "~*(?:\b)adultgalls(?:\b)" 1;
|
||||
# "~*(?:\b)amateurxpass(?:\b)" 1;
|
||||
# "~*(?:\b)bigblackbooty(?:\b)" 1;
|
||||
# "~*(?:\b)blacktits(?:\b)" 1;
|
||||
# "~*(?:\b)cookie\-law\-enforcement(?:\b)" 1;
|
||||
# "~*(?:\b)free\-share\-buttons(?:\b)" 1;
|
||||
# "~*(?:\b)free\-social\-buttons(?:\b)" 1;
|
||||
# "~*(?:\b)fuck\-paid\-share\-buttons(?:\b)" 1;
|
||||
# "~*(?:\b)ilovevitaly(?:\b)" 1;
|
||||
# "~*(?:\b)law\-enforcement\-bot(?:\b)" 1;
|
||||
# "~*(?:\b)law\-enforcement\-check(?:\b)" 1;
|
||||
# "~*(?:\b)share\-buttons\-for\-free(?:\b)" 1;
|
||||
# "~*(?:\b)webfuck(?:\b)" 1;
|
||||
# "~*(?:\b)xxxrus(?:\b)" 1;
|
||||
# "~*(?:\b)zeroredirect(?:\b)" 1;
|
||||
# "~*(?:\b|)x22(?:\b)" 1; (in this string if your own domain name was sex22.com it would be blocked)
|
||||
|
||||
|
||||
# Here is a list of unsanitary words used in referrer strings - used in various injection attacks
|
||||
# THE RULES BELOW ARE ENABLED BY DEFAULT
|
||||
# You can disable this default list by switching the values to 0
|
||||
|
||||
"~*(?:\b|)mb_ereg_replace(?:\b|)" 1;
|
||||
|
||||
# -----------
|
||||
# PLEASE NOTE
|
||||
# -----------
|
||||
|
||||
# If you whitelist your own domain in whitelist-domains.conf and your own domain is passed in the referrer string with an attack string it will NOT be blocked.
|
||||
|
||||
# --------
|
||||
# EXAMPLE:
|
||||
# --------
|
||||
# This string "http://yourwebsite.com/?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=file_put_contents&vars[1][]=gqopu.php&vars[1][]=<?php mb_ereg_replace('.*',@$_REQUEST[_], '', 'e');?>$"
|
||||
# contains the above 'mb_ereg_replace" attack string
|
||||
# If your domain is whitelisted in whitelist-domains.conf this string will NOT be detected
|
||||
Loading…
Add table
Add a link
Reference in a new issue