12 post_Mod - starjun/starjun.github.io GitHub Wiki
post_Mod POST请求参数过滤模块
该模块是整个访问控制规则的 第12步 用于配置POST请求参数的访问控制
[
{
"state": "on",
# 该条规则的开关(on/off)
"post": ["\\.\\./","jio"],
# post匹配规则;第一个参数:匹配内容,第二个:匹配方式,正则匹配
"hostname": ["*",""],
# host匹配规则;第一个参数匹配
"action": "deny"
# 执行动作:拒绝(allow/deny/log)
},
{
"state": "on",
"hostname": ["*",""],
"post": ["'*.*([ |/\\*\\*/]and|or[ |/\\*\\*/]).+=.+","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["select.+(from|limit)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(?:(union(.*?)select))","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["having|rongjitest","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["sleep\\((\\s*)(\\d*)(\\s*)\\)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["benchmark\\((.*)\\,(.*)\\)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["base64_decode\\(","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(?:from\\W+information_schema\\W)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(?:(?:current_)user|database|schema|connection_id)\\s*\\(","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(?:etc\\/\\W*passwd)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["into(\\s+)+(?:dump|out)file\\s*","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["group\\s+by.+\\(","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\\(","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["xwork\\.MethodAccessor","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\\:\\/","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["java\\.lang","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["\\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\\[","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["\\<(iframe|script|body|img|layer|div|meta|style|base|object|input)","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["(onmouseover|onerror|onload)\\=\t","jio"],
"action": "deny"
},
... # 下一条规则
]
数据请求样式
URI: http://%ip:%port/api/v2/config_dict
查询操作:
1:查询所有
GET/POST querystring:
action=get&mod=post_Mod
2:查询指定id (支持子节点查询,eg: 1@state)
GET/POST querystring:
action=get&mod=post_Mod&id=1
action=get&mod=post_Mod&id=1@state
设置操作:
1:修改整体
GET/POST querystring:
action=set&mod=post_Mod&value=
[
{
"state": "on",
"post": ["\\.\\./","jio"],
"hostname": ["*",""],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["'*.*([ |/\\*\\*/]and|or[ |/\\*\\*/]).+=.+","jio"],
"action": "deny"
},
{
"state": "on",
"hostname": ["*",""],
"post": ["select.+(from|limit)","jio"],
"action": "deny"
}
]
2:修改单个
GET/POST querystring:
action=set&mod=post_Mod&id=1&value_type=json&value=
{
"state": "on",
"hostname": ["*",""],
"post": ["select.+(from|limit)","jio"],
"action": "deny"
}
删除操作:
1:删除单个
GET/POST querystring:
action=del&mod=post_Mod&id=1
添加操作:
1:添加单个
GET/POST querystring:
action=add&mod=post_Mod&value=
{
"state": "on",
"hostname": ["*",""],
"post": ["select.+(from|limit)","jio"],
"action": "deny"
}
返回消息:
服务器失败:http code ~= 200
服务器成功:{code="ok/error",msg=...}
code = error ,执行状态错误,msg 为错误内容