Nginx firewall is recommended to use Nginx 1.18 and above. Better compatibility If it is a version less than 1.18, the compatibility of compiling and installing is fine. Introduction: Nginx WAF is an application layer firewall developed based on the nginx lua module, which effectively mitigates DDOS attacks, prevents most infiltration attacks and provides highly free rule customization functions Note: If you do not understand regular expressions, please do not modify the rules that come with the firewall at will WAF relies on luaJIT components, some nginx versions may have to be reinstalled before they can be used Application scenario: All dynamic websites Features: Site-oriented rule application The protection function of a site can be turned off or turned on separately Highly free rule application, allowing users to edit and choose whether a site uses this rule The main function: Routine filtering, including GET (URI, URI parameters), POST, Cookie, User-Agent, Header, IP black and white list, URI black and white list, etc. URI encryption protection, often used to protect the background of the website URI special rules to quickly fix vulnerabilities CDN mode. If your site uses CDN, please enable CDN mode, otherwise the firewall may affect the normal access of the website. WAF function preview:

aaPanel_Jose why hasn't the version of nginx free waf I have changed as shown in the image above? Even though I have updated my panel to version 6.8.8 .. is this the paid version?

my friend say this plugin got some problem, after install it wordpress can't login and can't install new wordpress. 500 server error

hi sounds cool, is it possible to protect my udp port since i'm using reverse proxy?

This is a very problematic plugin, and hence is a 3rd party or so its the free version, I do not suggest to new people to use it, until AAPanel fix all the bugs and issues in it. And are severals to be fixed.

@aaPanel_Jose hello, did plugin have block attack method like this? 93.87.75.118 - - [03/Mar/2021:07:00:54 -0500] "GET /?XzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwoXzSBa0x6brQ1ntCudDRgO84MWwo HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (Linux; Android 7.1.1; coolpad E2 Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36" 187.16.43.242 - - [03/Mar/2021:07:00:54 -0500] "GET /?gLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4IngLUEVNMACXG2YFk9rovytmdz4In HTTP/1.1" 501 560 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; AskTbARS2/5.15.4.23821; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" 209.141.61.129 - - [03/Mar/2021:07:00:54 -0500] "GET /?FEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrIFEkbpSOJahj5d9QfnPrI HTTP/1.1" 501 560 "-" "Mozilla/5.0 (Linux; Android 8.0.0; SM-N950F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.158 Mobile Safari/537.36 OPR/47.3.2249.130976" 187.44.110.157 - - [03/Mar/2021:07:00:54 -0500] "GET /?hV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9vhV4Qk2UPdXyjuAZ8wYagoWtfKDOImLH0q9v HTTP/1.1" 200 2637 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS124294; GTB7.5; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)" 138.255.240.66 - - [03/Mar/2021:07:00:54 -0500] "GET /?tl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qptl7V6NwA1Jij3x9C2hOaDKIsvXcyGdb5RWzkMHr40qp HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0" 91.205.241.86 - - [03/Mar/2021:07:00:54 -0500] "GET /?YI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmPYI4lv1Sc62zRHB7jCatEFMLKJ35fbVAGekmP HTTP/1.1" 200 3458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.82 Safari/537.1" 103.138.212.242 - - [03/Mar/2021:07:00:54 -0500] "GET /?KM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfTKM3eW0a9u8jA4lP7CoDhZpgVnvk2zfT HTTP/1.1" 200 2637 "-" "Opera/9.80 (J2ME/MIDP; Opera Mini/8.0.35158/35.4658; U; en) Presto/2.8.119 Version/11.10" 213.7.196.26 - - [03/Mar/2021:07:00:54 -0500] "GET /?YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5YH1kXPzMSwnfsLIpyOEBKZj2oaWF5 HTTP/1.1" 200 2637 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 Mozilla/5.0 (Fedora; WOW64; rv:33.0) Gecko/20120101 Firefox/33.0" 70.185.68.133 - - [03/Mar/2021:07:00:54 -0500] "GET /?Dj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmgDj31e8Gf4MkYBOZFWVyocJ2QvCExT7uqLUA0wrlpmg HTTP/1.1" 200 3458 "-" "Opera/9.80 (Tizen; Opera Mini/7.6.40252/71.132; U; en) Presto/2.12.423 Version/12.16" if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); }

sry,there is no such protection for the time being, we will optimize and add more protection methods in the future

im used Apache 2.4.46 it's will ok ??

bassam Hello, I'm very sorry, nginx firewall is suitable for nginx server, not for apache

prices for per year or per month?

Nginx WAF instructions

VersoBit

idflorin This is a bad implementation and does not take advantage of the fact that this list updates daily. While youll get some benefit from blocking bots, you wont get updates as they come through without a manual task.

This is why we suggested incorporating this list into the WAF tool.

idflorin

VersoBit does not take advantage of the fact that this list updates daily

I don't think the developers will integrate this into Nginx Free Firewall.
I was just suggesting an update to the UA filter based on globalblacklist.conf
btw, do you know why it's blocking uptimerobot ?

VersoBit

idflorin btw, do you know why it's blocking uptimerobot ?

because uptime robot is in the user agent list to be blocked.

idflorin I don't think the developers will integrate this into Nginx Free Firewall.

im a pro user, so my request was more inclined towards the pro version of the waf.

idflorin

true

aaP_mdestafadilah_simrs

idflorin do you have updated ua filter from bad-bots-blocker? like this?

Sovichetra

A question we can use this with OpenLiteSpeed? or is we can install nginx alongside with litespeed?

aaPanel_Kern

Sovichetra
Hello, nginx and openlitespeed only support one, and cannot be installed together. There is no waf for openlitespeed, and we are trying to solve it.

Eric

When I save the page through the admin panel of my cms, I get Type POST Filter SQL injection
Filter rule Semantic analysis analyzes SQL injection

I tried to disable all the rules for the site here,
but it didn't help, only a complete shutdown helped here

When you save this, it is perceived as a SQL injection

how to figure out which rule is causing this problem?

aaPanel_Kern

Eric
hello, what is your cms? What is saved? Try to get its save link?

Eric

aaPanel_Kern cms https://modx.com/

I save the text that is in the screenshot

aaPanel_Kern

Eric
Hello, I have installed it. Which interface are you? How do I get in?

Eric

aaPanel_Kern I have a version 2.8.4-pl https://modx.com/download/other-versions?releaseKey=revolution-2.8.4-pl
But I don't think it will have any effect on the error

aaPanel_Kern

Eric
hello, i tested and didn't find this problem

Eric

aaPanel_Kern strange, it is this text that causes a problem for me.

Can you give me access to the admin panel of the site, I will install the text editor module. Maybe there is something in it

aaPanel_Kern

Eric
Hello, I installed it directly and then modified the content. Nothing was changed, what did you do?

Eric

aaPanel_Kern I changed the content to better understand what exactly is causing the problem.

aaP_bds_namminhphat

Nghinx WAF created error for elementor in wordpress
"403 server error"
how to fix it?

aaPanel_Kern

aaP_bds_namminhphat
Hi, try adding the link to the URL whitelist,

LEJA76071275A

I also am experiencing reduced funcionality when activating WAF on a wordpress | |elementor pro | crocoblock sites. Is there a recommended config for these apps? I am currently searching theads.

Please share a link here if there is additional discussion for WAF.

I am a new "pro" subscriber

aaPanel_Kern

LEJA76071275A
Hello, some performance will be lost when nginx WAF is turned on.

aaP_shivsinghcode

how can remove website attack 558

aaPanel_Kern

aaP_shivsinghcode
Hello, it is not possible to clear it directly.
You can create a Cut Log in the Cron interface, and the execution time depends on your needs. After adding, click Execute to backup and compress the log.
The logs for all sites at this time are empty. Then visit the website. Finally, go to the Log Security Analysis in the Response log of the Conf interface of the website and click the log scan, which is cleared.

« Previous Page Next Page »