可以在我们的 CDN→安全设置→参数过滤 中挨个添加
实测有用。建议先以仅记录/告警模式观察一段时间再开启拦截：下面部分规则（如 `select.+(from|limit)`、`\.(bak|inc|old|mdb|sql|...)$`）较为宽泛，可能误拦截含有这些词的正常请求；规则是否区分大小写取决于 CDN 的匹配引擎，请以实际测试为准。
下面是 GET-参数过滤 规则
\.\./\.\./ 目录保护1
(?:etc\/\W*passwd)
目录保护3
(gopher|doc|php|glob|^file|phar|zlib|ftp|ldap|dict|ogg|data)\:\/
PHP流协议过滤1
base64_decode\(
一句话木马过滤3
(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|char|chr|preg_\w+|execute|echo|print|print_r|var_dump|(f|p)open|alert|showmodaldialog)\(
一句话木马过滤4
\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\[
一句话木马过滤5
select.+(from|limit)
SQL注入过滤2
(?:(union(.*?)select))
SQL注入过滤3
benchmark\((.*)\,(.*)\)
SQL注入过滤6
(?:from\W+information_schema\W)
SQL注入过滤7
(?:(?:current_)user|database|concat|extractvalue|polygon|updatexml|geometrycollection|schema|multipoint|multipolygon|connection_id|linestring|multilinestring|exp|right|sleep|group_concat|load_file|benchmark|file_put_contents|urldecode|system|file_get_contents|select|substring|substr|fopen|popen|phpinfo|user|alert|scandir|shell_exec|eval|execute|concat_ws|strcmp|right)\s*\(
SQL注入过滤8
\<(iframe|script|body|img|layer|div|meta|style|base|object)
XSS过滤1
(invokefunction|call_user_func_array|\\think\\)
ThinkPHP payload封堵
^url_array\[.*\]$
Metinfo6.x XSS漏洞
(extractvalue\(|concat\(0x|user\(\)|substring\(|count\(\*\)|substring\(hex\(|updatexml\()
SQL报错注入过滤01
(@@version|load_file\(|NAME_CONST\(|exp\(\~|floor\(rand\(|geometrycollection\(|multipoint\(|polygon\(|multipolygon\(|linestring\(|multilinestring\()
SQL报错注入过滤02
(ORD\(|MID\(|IFNULL\(|CAST\(|CHAR\()
SQL注入过滤1
(EXISTS\(|SELECT\#|\(SELECT)
SQL注入过滤1
(bin\(|ascii\(|benchmark\(|concat_ws\(|group_concat\(|strcmp\(|left\(|datadir\(|greatest\()
SQL报错注入过滤01
(?:from.+?information_schema.+?)
--
(array_map\("ass)
菜刀流量过滤
'$
test
\${jndi:
log4j2拦截
GET-URL过滤
\.(htaccess|mysql_history|bash_history|DS_Store|idea|user\.ini)
文件目录过滤1
\.(bak|inc|old|mdb|sql|php~|swp|java|class)$
文件目录过滤2
^/(vhost|bbs|host|wwwroot|www|site|root|backup|data|ftp|db|admin|website|web).*\.(rar|sql|zip|tar\.gz|tar)$
文件目录过滤3
/(hack|shell|spy|phpspy)\.php$
PHP脚本执行过滤1
^/(attachments|css|uploadfiles|static|forumdata|cache|avatar)/(\w+)\.(php|jsp)$
PHP脚本执行过滤2
(?:(union(.*?)select))
SQL注入过滤1
(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\w+|execute|echo|print|print_r|var_dump|(f|p)open|alert|showmodaldialog)\(
User-Agent过滤
(WPScan|HTTrack|antSword|harvest|audit|dirbuster|pangolin|nmap|sqln|hydra|Parser|libwww|BBBike|sqlmap|w3af|owasp|Nikto|fimap|havij|zmeu|BabyKrokodil|netsparker|httperf| SF/)
关键词过滤1
(?:define|eval|file_get_contents|include|require_once|shell_exec|phpinfo|system|passthru|chr|char|preg_\w+|execute|echo|print|print_r|var_dump|(f|p)open|alert|showmodaldialog|file_put_contents|fopen|urldecode|scandir)\(
一句话*屏蔽的关键字*过滤2
\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)
一句话*屏蔽的关键字*过滤3
select\s+.+(from|limit)\s+
SQL注入过滤2
(?:(union(.*?)select))
SQL注入过滤3
benchmark\((.*)\,(.*)\)
SQL注入过滤6
(?:from\W+information_schema\W)
SQL注入过滤7
(?:(?:current_)user|database|schema|connection_id)\s*\(
SQL注入过滤8
(extractvalue\(|concat\(0x|user\(\)|substring\(|count\(\*\)|substring\(hex\(|updatexml\()
SQL报错注入过滤01
(@@version|load_file\(|NAME_CONST\(|exp\(\~|floor\(rand\(|geometrycollection\(|multipoint\(|polygon\(|multipolygon\(|linestring\(|multilinestring\()
SQL报错注入过滤02
(substr\()
SQL注入过滤10
(ORD\(|MID\(|IFNULL\(|CAST\(|CHAR\()
SQL注入过滤1
(EXISTS\(|SELECT\#|\(SELECT)
SQL注入过滤1
(array_map\("ass)
菜刀流量过滤
(bin\(|ascii\(|benchmark\(|concat_ws\(|group_concat\(|strcmp\(|left\(|datadir\(|greatest\()
SQL报错注入过滤01
POST过滤
\.\./\.\./
目录保护1
(?:etc\/\W*passwd)
目录保护3
(gopher|doc|php|glob|^file|phar|zlib|ftp|ldap|dict|ogg|data)\:\/
PHP流协议过滤1
base64_decode\(
一句话*屏蔽的关键字*过滤1
(?:define|eval|file_get_contents|include|require_once|shell_exec|phpinfo|system|passthru|chr|char|preg_\w+|execute|echo|print|print_r|var_dump|(f|p)open|alert|showmodaldialog|file_put_contents|fopen|urldecode|scandir)\(
一句话*屏蔽的关键字*过滤2
\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)
一句话*屏蔽的关键字*过滤3
select.+(from|limit)
SQL注入过滤2
(?:(union(.*?)select))
SQL注入过滤3
benchmark\((.*)\,(.*)\)
SQL注入过滤6
(?:from\W+information_schema\W)
SQL注入过滤7
(?:(?:current_)user|database|concat|extractvalue|polygon|updatexml|geometrycollection|schema|multipoint|multipolygon|connection_id|linestring|multilinestring|exp|right|sleep|group_concat|load_file|benchmark|file_put_contents|urldecode|system|file_get_contents|select|substring|substr|fopen|popen|phpinfo|user|alert|scandir|shell_exec|eval|execute|concat_ws|strcmp|right)\s*\(
SQL注入过滤8
(extractvalue\(|concat\(|user\(\)|substring\(|count\(\*\)|substring\(hex\(|updatexml\()
SQL报错注入过滤01
(@@version|load_file\(|NAME_CONST\(|exp\(\~|floor\(rand\(|geometrycollection\(|multipoint\(|polygon\(|multipolygon\(|linestring\(|multilinestring\(|right\()
SQL报错注入过滤02
(substr\()
SQL注入过滤10
(ORD\(|MID\(|IFNULL\(|CAST\(|CHAR\()
SQL注入过滤1
(EXISTS\(|SELECT\#|\(SELECT|select\()
SQL注入过滤1
(array_map\("ass)
菜刀流量过滤
(bin\(|ascii\(|benchmark\(|concat_ws\(|group_concat\(|strcmp\(|left\(|datadir\(|greatest\()
SQL报错注入过滤01
(?:from.+?information_schema.+?)
--
\${jndi:
log4j2拦截