From 771fb61eed71dbdef3b8744b39f22f7621ac84a0 Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Sat, 9 Dec 2023 19:25:06 +0800
Subject: [PATCH] =?UTF-8?q?WAF=E7=AD=96=E7=95=A5=E6=A8=A1=E6=9D=BF?=
 =?UTF-8?q?=E5=B0=86=E9=83=A8=E5=88=86=E6=8B=A6=E6=88=AA=E5=8A=A8=E4=BD=9C?=
 =?UTF-8?q?(block)=E6=94=B9=E4=B8=BA=E6=98=BE=E7=A4=BA=E7=BD=91=E9=A1=B5?=
 =?UTF-8?q?=EF=BC=88page=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../firewallconfigs/http_firewall_template.go | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_template.go b/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
index d8629ba..49349f1 100644
--- a/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
+++ b/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
@@ -66,7 +66,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorOr
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}
 			set.AddRule(&HTTPFirewallRule{
@@ -99,7 +100,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorOr
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}
 			set.AddRule(&HTTPFirewallRule{
@@ -131,7 +133,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorOr
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}
 			set.AddRule(&HTTPFirewallRule{
@@ -171,14 +174,15 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorOr
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}
 			set.AddRule(&HTTPFirewallRule{
 				IsOn:              true,
 				Param:             "${requestURI}",
 				Operator:          HTTPFirewallRuleOperatorMatch,
-				Value:             `((\.+)(/+)){2,}`, // TODO more keywords here
+				Value:             `((\.+)(/+)){2,}`,
 				IsCaseInsensitive: false,
 			})
 			group.AddRuleSet(set)
@@ -459,10 +463,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorAnd
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
-					Options: maps.Map{
-						"timeout": 1800,
-					},
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}
 
@@ -498,10 +500,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.Connector = HTTPFirewallRuleConnectorAnd
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
-					Code: HTTPFirewallActionBlock,
-					Options: maps.Map{
-						"timeout": 60,
-					},
+					Code:    HTTPFirewallActionPage,
+					Options: maps.Map{"status": 403, "body": ""},
 				},
 			}