You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
93 lines
4.6 KiB
Plaintext
93 lines
4.6 KiB
Plaintext
# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD WORDS YOU WANT TO SCAN FOR ###
|
|
|
|
# VERSION INFORMATION #
|
|
#----------------------
|
|
# Version: V4.2019.11
|
|
# Updated: 2019-07-05
|
|
#----------------------
|
|
# VERSION INFORMATION #
|
|
|
|
##############################################################################
|
|
# _ __ _ #
|
|
# / |/ /__ _(_)__ __ __ #
|
|
# / / _ `/ / _ \\ \ / #
|
|
# /_/|_/\_, /_/_//_/_\_\ #
|
|
# __/___/ __ ___ __ ___ __ __ #
|
|
# / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ #
|
|
# / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ #
|
|
# /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ #
|
|
# #
|
|
##############################################################################
|
|
|
|
# This is merely an example and gets auto included as since Version 2.2017.07 introduced on 2017-04-20
|
|
# This file must exist on your system or Nginx will fail a reload due to a missing file
|
|
# For all intensive purpose you can delete everything inside this file and leave it
|
|
# completely blank if you do not want your Nginx Blocker to include scanning for bad words within urls or referrer string
|
|
# Only add one entry per line
|
|
|
|
# -------------------------------
|
|
# !!! WARNING WARNING WARNING !!!
|
|
# -------------------------------
|
|
|
|
# ---------------------------------------
|
|
# PLEASE BE VERY CAREFUL HOW YOU USE THIS
|
|
# ---------------------------------------
|
|
# Here is an example of how one supposed bad word can cause your whole site to go down.
|
|
# An issue was logged where the users own domain name was specialisteparquet.com
|
|
# Because this list contained the word "cialis" it was detected within his domain name causing
|
|
# his entire site to go down and not server any assets.
|
|
# That one entry would even cause any site containing a word like "specialist" anywhere in any
|
|
# of their sites pages to cause them to be blocked and whitelisting your own domain name in the
|
|
# whitelist-domains.conf file will not even bypass this, SO BE CAREFUL PLEASE
|
|
|
|
# Think very carefully before you add any word here
|
|
|
|
# -----------------------------------------------------------------------------------------
|
|
# PLEASE MAKE SURE that you use word regex boundaries to avoid false positive detection !!!
|
|
# -----------------------------------------------------------------------------------------
|
|
|
|
# BY DEFAULT ALL THE EXAMPLES BELOW ARE COMMENTED OUT AND HENCE NOT ENABLED
|
|
|
|
# As you can see in the examples below the word "adultgalls" is entered with a preceding (?:\b) and an ending (?:\b)
|
|
# this makes it now "(?:\b)adultgalls(?:\b)". It is crucial to use the word boundaries regex formatting.
|
|
|
|
# ---------
|
|
# EXAMPLES:
|
|
# ---------
|
|
# "~*(?:\b)adultgalls(?:\b)" 1;
|
|
# "~*(?:\b)amateurxpass(?:\b)" 1;
|
|
# "~*(?:\b)bigblackbooty(?:\b)" 1;
|
|
# "~*(?:\b)blacktits(?:\b)" 1;
|
|
# "~*(?:\b)cookie\-law\-enforcement(?:\b)" 1;
|
|
# "~*(?:\b)free\-share\-buttons(?:\b)" 1;
|
|
# "~*(?:\b)free\-social\-buttons(?:\b)" 1;
|
|
# "~*(?:\b)fuck\-paid\-share\-buttons(?:\b)" 1;
|
|
# "~*(?:\b)ilovevitaly(?:\b)" 1;
|
|
# "~*(?:\b)law\-enforcement\-bot(?:\b)" 1;
|
|
# "~*(?:\b)law\-enforcement\-check(?:\b)" 1;
|
|
# "~*(?:\b)share\-buttons\-for\-free(?:\b)" 1;
|
|
# "~*(?:\b)webfuck(?:\b)" 1;
|
|
# "~*(?:\b)xxxrus(?:\b)" 1;
|
|
# "~*(?:\b)zeroredirect(?:\b)" 1;
|
|
# "~*(?:\b|)x22(?:\b)" 1; (in this string if your own domain name was sex22.com it would be blocked)
|
|
|
|
|
|
# Here is a list of unsanitary words used in referrer strings - used in various injection attacks
|
|
# THE RULES BELOW ARE ENABLED BY DEFAULT
|
|
# You can disable this default list by switching the values to 0
|
|
|
|
"~*(?:\b|)mb_ereg_replace(?:\b|)" 1;
|
|
|
|
# -----------
|
|
# PLEASE NOTE
|
|
# -----------
|
|
|
|
# If you whitelist your own domain in whitelist-domains.conf and your own domain is passed in the referrer string with an attack string it will NOT be blocked.
|
|
|
|
# --------
|
|
# EXAMPLE:
|
|
# --------
|
|
# This string "http://yourwebsite.com/?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars[0]=file_put_contents&vars[1][]=gqopu.php&vars[1][]=<?php mb_ereg_replace('.*',@$_REQUEST[_], '', 'e');?>$"
|
|
# contains the above 'mb_ereg_replace" attack string
|
|
# If your domain is whitelisted in whitelist-domains.conf this string will NOT be detected
|