TRKJ/EdgeCommon
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeCommon.git synced 2025-11-03 20:40:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

优化内置WAF模板

Browse Source
This commit is contained in:
刘祥超
2021-12-21 12:08:49 +08:00
parent a74f930d42
commit a913996000
1 changed files with 51 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
pkg/serverconfigs/firewallconfigs/http_firewall_template.go
View File

@@ -421,7 +421,7 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
{ {
set := &HTTPFirewallRuleSet{} set := &HTTPFirewallRuleSet{}
set.IsOn = true set.IsOn = true
set.Name = "常见网络爬虫" set.Name = "搜索引擎"
set.Code = "20001" set.Code = "20001"
set.Connector = HTTPFirewallRuleConnectorOr set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
@@ -434,7 +434,56 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
IsOn: true, IsOn: true,
Param: "${userAgent}", Param: "${userAgent}",
Operator: HTTPFirewallRuleOperatorMatch, Operator: HTTPFirewallRuleOperatorMatch,
Value: `Googlebot|AdsBot|bingbot|BingPreview|facebookexternalhit|Slurp|Sogou|proximic|Baiduspider|yandex|twitterbot|spider|python`, Value: `360spider|adldxbot|adsbot-google|applebot|admantx|alexa|baidu|bingbot|bingpreview|facebookexternalhit|googlebot|proximic|slurp|sogou|twitterbot|yandex|spider`,
IsCaseInsensitive: true,
})
group.AddRuleSet(set)
}
{
set := &HTTPFirewallRuleSet{}
set.IsOn = true
set.Name = "爬虫工具"
set.Code = "20003"
set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{
{
Code: HTTPFirewallActionBlock,
},
}
set.AddRule(&HTTPFirewallRule{
IsOn: true,
Param: "${userAgent}",
Operator: HTTPFirewallRuleOperatorMatch,
Value: `python|pycurl|http-client|httpclient|apachebench|nethttp|http_request|java|perl|ruby|scrapy|php|rust`,
IsCaseInsensitive: true,
})
group.AddRuleSet(set)
}
{
set := &HTTPFirewallRuleSet{}
set.IsOn = true
set.Name = "下载工具"
set.Code = "20004"
set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{
{
Code: HTTPFirewallActionTag,
Options: maps.Map{
"tags": []string{"download"},
},
},
}
set.AddRule(&HTTPFirewallRule{
IsOn: true,
Param: "${userAgent}",
Operator: HTTPFirewallRuleOperatorMatch,
Value: `wget|curl`,
IsCaseInsensitive: true, IsCaseInsensitive: true,
}) })