jazz1611 This type of problem you do not solve with firewall, you are getting an application attack, this type of attack needs to be mitigated with htaccess. If you wish I'm an information security engineer, I can help you with that.
Third-party plug-in for aaPanel [Nginx Free Firewall]
2 months later
we need update plz
2 months later
@aaPanel_Jose @aapanel_sniper any plan to support nginx free firewall on ARM instance please? If using nginx and nginx free firewall then nginx cannot run after reboot until uninstall nginx free firewall on ARM instance.
Hello aaP_Rajib
We are still working on the compatibility of the arm platform
aaPanel_Jose thanks for the quick response. Looking forward to it. While talking about ARM support, mail server also not supposed yet. Hope can look into that also.
a month later
False positive submit is failing.
3 months later
How to set whitelist ip range ipv4 and ipv6 cloudflare as in fail2ban? Sometimes this app blocks cloudflare. I use this app because it is more effective in securing the server from ddos attacks than fail2ban.
adis0308
hello, try to set in ip whitelist
25 days later
- Edited
Hi,
In URL blacklist, what should be the correct syntax to disallow all readme.txt file from all my web site ?
I want to disallow this /wp-content/plugins/contact-form-7/readme.txt but I don't want to set all my wordpress full paths one by one.
Raffi
Hi, try this, is it ok?
^/readme.txt
no 
I had already tried, but as the syntax is particular there I just made with a copy/paste of your message.
Raffi
First check whether the firewall is in effect:
Is there any interception of using a browser to access the link? Replace xxx.com with your domain name. http://www.xxx.com/?id=1%27union%20select%20user(),1,3--
Effective diagram:
I don't understand " Effective diagram:"
-
Here is what I get :
-
I also tested to block with the full path
(PS : note that it works fine for wp-login.php)
Raffi
Set to: /wp-content/plugins/xxx/readme.txt Change xxx to your path.
Great thanks ! it worked !!!!
7 days later
Does it support ARM platform now?
I just double check, the plugin [Nginx Free Firewall] 5.0 is still not compatible with ARM sever. However, on the chinese version of aapanel(BaoTa), the author already update the plugin to 6.7. This version is in fact compatible with ARM sever. Can you please provide the newest version of this plugin? Or is there a way I can get this zip file, and upload it to aapanel?
sparkyidea
This can only wait for the author to update.
4 months later
Olá. Se for possível , como faço para bloquear o acesso de alguns países com Nginx Free Firewall?
Hello. If possible, how do I block access from some countries with Nginx Free Firewall?