Nginx firewall is recommended to use Nginx 1.18 and above. Better compatibility
If it is a version less than 1.18, the compatibility of compiling and installing is fine.

Introduction:
Nginx WAF is an application layer firewall developed based on the nginx lua module, which effectively mitigates DDOS attacks, prevents most infiltration attacks and provides highly free rule customization functions

Note:

  1. If you do not understand regular expressions, please do not modify the rules that come with the firewall at will
  2. WAF relies on luaJIT components, some nginx versions may have to be reinstalled before they can be used

Application scenario:
All dynamic websites

Features:

  1. Site-oriented rule application
  2. The protection function of a site can be turned off or turned on separately
  3. Highly free rule application, allowing users to edit and choose whether a site uses this rule

The main function:

  1. Routine filtering, including GET (URI, URI parameters), POST, Cookie, User-Agent, Header, IP black and white list, URI black and white list, etc.
  2. URI encryption protection, often used to protect the background of the website
  3. URI special rules to quickly fix vulnerabilities
  4. CDN mode. If your site uses CDN, please enable CDN mode, otherwise the firewall may affect the normal access of the website.

WAF function preview:







    aaPanel_Jose why hasn't the version of nginx free waf I have changed as shown in the image above? Even though I have updated my panel to version 6.8.8 .. is this the paid version?

        my friend say this plugin got some problem, after install it wordpress can't login and can't install new wordpress. 500 server error

        hi sounds cool, is it possible to protect my udp port since i'm using reverse proxy?

        • [deleted]

        • Post #6

        This is a very problematic plugin, and hence is a 3rd party or so its the free version, I do not suggest to new people to use it, until AAPanel fix all the bugs and issues in it. And are severals to be fixed.

        @aaPanel_Jose
        hello,

        did plugin have block attack method like this?

        93.87.75.118 - - [03/Mar/2021:07:00:54 -0500] "GET /?XzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwo HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (Linux; Android 7.1.1; coolpad E2 Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36"
187.16.43.242 - - [03/Mar/2021:07:00:54 -0500] "GET /?gLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4In HTTP/1.1" 501 560 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; AskTbARS2/5.15.4.23821; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
209.141.61.129 - - [03/Mar/2021:07:00:54 -0500] "GET /?FEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrI HTTP/1.1" 501 560 "-" "Mozilla/5.0 (Linux; Android 8.0.0; SM-N950F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36 OPR/47.3.2249.130976"
187.44.110.157 - - [03/Mar/2021:07:00:54 -0500] "GET /?hV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9v HTTP/1.1" 200 2637 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS124294; GTB7.5; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)"
138.255.240.66 - - [03/Mar/2021:07:00:54 -0500] "GET /?tl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qp HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0"
91.205.241.86 - - [03/Mar/2021:07:00:54 -0500] "GET /?YI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmP HTTP/1.1" 200 3458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.82 Safari/537.1"
103.138.212.242 - - [03/Mar/2021:07:00:54 -0500] "GET /?KM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfT HTTP/1.1" 200 2637 "-" "Opera/9.80 (J2ME/MIDP; Opera Mini/8.0.35158/35.4658; U; en) Presto/2.8.119 Version/11.10"
213.7.196.26 - - [03/Mar/2021:07:00:54 -0500] "GET /?YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5 HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 Mozilla/5.0 (Fedora; WOW64; rv:33.0) Gecko/20120101 Firefox/33.0"
70.185.68.133 - - [03/Mar/2021:07:00:54 -0500] "GET /?Dj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmg HTTP/1.1" 200 3458 "-" "Opera/9.80 (Tizen; Opera Mini/7.6.40252/71.132; U; en) Presto/2.12.423 Version/12.16"

          sry,there is no such protection for the time being, we will optimize and add more protection methods in the future

          12 days later
          8 days later
          15 days later

          any latest update about this paid version, i need website security but reviews are not enough. please share latest information and reliability about this plugin,

          Thanks

            just bought and installed and my server got down :S uninstalling it and rebooting lets c

              Yamiraan
              is your server or a webserver down?

              What version of nginx and linux server are you using?

                webserver was down, im using Nginx 1.19.7 with Centos 8, everything was updated, really need your help @jose to install this paid plugin, Thanks

                  Connect with us: 📨 Telegram 💬 Discord Email: support@aapanel.com