Skip to content

Commit

Permalink
Ignoring internal requests: no cleanup needed
Browse files Browse the repository at this point in the history
  • Loading branch information
@diego-treitos
diego-treitos committed Jul 20, 2018
1 parent 65db7c2 commit 8dfe744
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 11 deletions.
10 changes: 0 additions & 10 deletions waf/init.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,16 +73,6 @@ function block( rule_type, rule_id, text_to_check )
end
-- log the request
log_blocked( rule_type, rule_id, text_to_check )
-- clean the request to avoid rechecking it
ngx.req.set_method( ngx.HTTP_GET )
ngx.req.set_uri( '/', false ) -- use uri tat is not blocked
if ngx.header.content_length ~= nil then -- use body that is not blocked
ngx.req.set_body_data( '' )
ngx.req.clear_header( 'Content-Length' )
end
ngx.req.clear_header( 'User-Agent' )
ngx.req.set_header( 'User-Agent', 'nginx_waf_blocked' ) -- use agent that is not blocked ( non-empty )
ngx.req.clear_header( 'Cookie' )
-- block the request (also changes the url and clears the args)
return ngx.exec( nw_location_denied, '' )
end
Expand Down
2 changes: 1 addition & 1 deletion waf/waf.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

require 'config'

if nw_enabled then
if nw_enabled and not ngx.req.is_internal() then
-- check whitelist
local whitelisted = false
for _,host in pairs( nw_remote_whitelist ) do
Expand Down

0 comments on commit 8dfe744

Please sign in to comment.