I take it you don't use a WAF of any kind. I also think you should add it to a MAP at least instead of using IF.
The WAF I use for these same rules is found here: https://github.com/nbs-system/naxsi

The rules for WordPress and other content management systems are found here: http://spike.nginx-goodies.com/rules/ (a downloadable list they use: https://bitbucket.org/lazy_dogtown/doxi-rules)

Naxsi is the best solution I have found against problems like this, especially with their XSS and SQL extensions enabled:

    LibInjectionXss;
    CheckRule "$LIBINJECTION_XSS >= 8" BLOCK;
    LibInjectionSql;
    CheckRule "$LIBINJECTION_SQL >= 8" BLOCK;

It blocks a lot of zero day exploits and unknown exploits / penetration testing techniques.

If you want to protect your sites it is definitely worth the look and use.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,274339,274341#msg-274341