The forum is here for legacy reasons. No new posts will be created. User registration is disabled! If you have any questions, please email us or check https://www.adultscriptpro.com for more details!
You are not logged in.
Pages: 1
I have seen in the htaccess file that there are parts for preventing SQL injection by using url rewriting.
Is there a way to implement it in Nginx? I have seen this example but it seems it is different from the htaccess
http://www.howtoforge.com/nginx-how-to- … agents-etc
I have also thought of implementing the codes below but I do not know if it is right to do so.
set $block_sql_injections 0;
if ($query_string ~ "base64_encode.*\(.*\)") {
set $block_sql_injections 1;
}
if ($query_string ~ "(\<|%3C).*script.*(\>|%3E)") {
set $block_sql_injections 1;
}
if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
set $block_sql_injections 1;
}
if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
set $block_sql_injections 1;
}
if ($query_string ~ "SELECT(=|\[|\%[0-9A-Z]{0,2})") {
set $block_sql_injections 1;
}
if ($query_string ~ "UNION(=|\[|\%[0-9A-Z]{0,2})") {
set $block_sql_injections 1;
}
if ($query_string ~ "UPDATE(=|\[|\%[0-9A-Z]{0,2})") {
set $block_sql_injections 1;
}
if ($block_sql_injections = 1) {
rewrite ^(.*)$ index.php last;
}
Offline
Thats a good idea :-)
Adult Scripts: Adult Script Pro - Adult Search Script
Adult Advertising/Traffic: Plug Rush - EXOClick - PopAds
Offline
Pages: 1