
10 cookie_Mod

star edited this page Jan 7, 2018 · 4 revisions

cookie_Mod cookie规则模块

(对应配置文件:conf_json/cookie_Mod.json)

该模块是整个访问控制规则的第 10 步,用于配置针对 cookie 的访问控制。

[
    {
        "state": "on",
        # 该条规则的开关(on/off)。注意:以 # 开头的各行仅为本页说明,标准 JSON 不支持注释,写入 cookie_Mod.json 时须删除
        "hostname": ["*",""],
        # host 匹配规则;第一个参数:匹配内容,第二个参数:匹配方式,"" 表示字符串匹配(本条规则的 "*" 匹配任意字符串,即对所有 host 生效)
        "cookie": ["\\.\\./","jio"],
        # cookie 匹配规则;第一个参数:匹配内容(正则表达式,JSON 字符串中反斜杠须写成 \\),第二个参数:匹配方式,"jio" 表示正则匹配(应为 ngx.re 的正则选项,其中 i 表示忽略大小写,请以实际实现为准)
        "action": "deny"
        # 执行动作,可选 deny/allow/log;本条为 deny(拒绝)
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["\\:\\$","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["\\$\\{","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["select.+(from|limit)","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(?:(union(.*?)select))","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["having|rongjitest","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["sleep\\((\\s*)(\\d*)(\\s*)\\)","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["benchmark\\((.*)\\,(.*)\\)","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["base64_decode\\(","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(?:from\\W+information_schema\\W)","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(?:(?:current_)user|database|schema|connection_id)\\s*\\(","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(?:etc\\/\\W*passwd)","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["into(\\s+)+(?:dump|out)file\\s*","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["group\\s+by.+\\(","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["xwork.MethodAccessor","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\(","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["xwork\\.MethodAccessor","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\\:\\/","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["java\\.lang","jio"],
        "action": "deny"
    },
    {
        "state": "on",
        "hostname": ["*",""],
        "cookie": ["\\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\\[","jio"],
        "action": "deny"
    }
]