Apache: RewriteCond %{QUERY_STRING}问题
Apache: RewriteCond %{QUERY_STRING}问题
提问于 2020-11-27 21:21:40
我希望阻止来自用户的像http://anything.com/something.php?hack_attempt=select *这样的请求。
为此,我在.htaccess中这样做
RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]问题是这个规则也命中了http://anything.com/update.php,因为我知道%{QUERY_STRING}应该只在?之后包含get params string,但是它命中了URI。有人能给出问题出在哪里吗?
更新:完整规则
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*(\.|\*|;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*/ban_url/ [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]
RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|insert|cast|set|declare|drop).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*\?.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]
RewriteRule ^(.*)$ - [R=400,L]
</IfModule>如果我取消注释
RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]然后Apache将阻止www.anything.com/update.php,但它应该只阻止www.anything.com/something.php?param=update。
更新2:完整的会议
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*(\.|\*|;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*/ban_url/ [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]
RewriteCond %{QUERY_STRING} ^.*(md5|benchmark|union|insert|cast|set|declare|drop).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*\?.*(md5|benchmark|union|select|insert|cast|set|declare|drop|update).* [NC]
RewriteRule ^(.*)$ - [R=400,L]
RewriteCond %{REQUEST_URI} ^.*wp-* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*www\.zip* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*backup\.zip* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*public_html\.zip* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*\.tar\.gz* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*administrator* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*admin\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*admin/index\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*elrekt\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*_adminer* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*accesson* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*agentui* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*trackback* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*wp-login* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*router\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*AspCms_AdminAdd* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*public/js/wind* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*include/calendar/calendar-cn* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*app-ads* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*vendor/phpunit/* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*utility/* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*blackhat* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*data/admin/allowurl* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*js/varien* [NC,OR] #magento
RewriteCond %{REQUEST_URI} ^.*js/mage* [NC,OR] #magento
RewriteCond %{REQUEST_URI} ^.*magento_version* [NC,OR] #magento
RewriteCond %{REQUEST_URI} ^.*db_z\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*functions\.php* [NC,OR]
RewriteCond %{REQUEST_URI} ^.*lottery-index* [NC]
RewriteRule ^(.*)$ - [R=400,L]
</IfModule>此conf文件应用于类似站点的conf
<VirtualHost *:80>
Include /var/www/url_blacklist.conf
ServerName ...
DocumentRoot ...
ErrorLog ...
</VirtualHost>回答 1
Stack Overflow用户
发布于 2020-11-28 12:25:26
我假设你想阻止/禁止所有那些在它们的查询字符串中有select *的请求以及它们的uri没有请求update.php的请求,如果是这样的话,你可以尝试下面的一次吗?这些条件是按照请求的条件编写的,您可以尝试单独测试它,然后也可以尝试将它们与现有条件合并。
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/update\.php [NC]
RewriteCond %{QUERY_STRING} select \* [NC]
RewriteRule ^ - [R=301,F]页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/65038092
复制相关文章
相似问题
腾讯云开发者
