Invalid URL Prefix Error

[xemose]

Problem: The following error shows up when the waf is executed through waf:exec(). It was working before, but something changed and it now gives out a 500 internal server error.

Error Log
2018/10/07 20:32:42 [error] 6830#0: *1 invalid URL prefix in "http://", client: 192.168.1.225, server: $http_host, request: "GET / HTTP/1.1", host: "test.beta:8080"

Edit: Found a more concise error log. There is a previous issue for this but there is no solution for it.

2018/10/07 21:29:50 [error] 636#0: *1 lua entry thread aborted: runtime error: /etc/nginx/library/resty/waf/load_ac.lua:76: attempt to call upvalue 'ac_create' (a nil value)
stack traceback:
coroutine 0:
	/etc/nginx/library/resty/waf/load_ac.lua: in function 'create_ac'
	/etc/nginx/library/resty/waf/operators.lua:259: in function </etc/nginx/library/resty/waf/operators.lua:252>
	/etc/nginx/library/resty/waf.lua:297: in function '_process_rule'
	/etc/nginx/library/resty/waf.lua:543: in function 'exec'
	access_by_lua(proxy.conf:29):8: in function <access_by_lua(proxy.conf:29):1>, client: 192.168.1.225, server: $http_host, request: "GET / HTTP/1.1", host: "test.beta:8080", referrer: "http://test.beta:8080/"

Installation Process: Used luarocks

Configuration:

server {
    set $template_location /html;
	listen 192.168.1.232:8080;
	server_name $http_host;
	
	location / {
		set $backend "";
		default_type text/html;
		access_by_lua_block {
			local template = require "resty.template"
			local ck = require "resty.cookie"
			local lua_resty_waf = require "resty.waf"
			local waf = lua_resty_waf:new()
        	         waf:set_option("debug", true)
			waf:set_option("mode", "ACTIVE")
			waf:exec()
			local cookie, err = ck:new()
			if not cookie then
		                ngx.log(ngx.ERR, err)
				return
			end

			local verify, err = cookie:get("fireball")
			if verify then
				ngx.var.backend = "192.168.1.247"
			else
				template.render("verify.html", { website = ngx.var.host })
			end
		}
		proxy_pass http://$backend;
		proxy_set_header Host $host;
	}
}

[p0pr0ck5]

Can you paste the debug logs here from when you see a failed request?

[xemose]

If I trigger the WAF on purpose it throws this error:

2018/10/13 16:52:55 [error] 1508#0: *3 lua entry thread aborted: runtime error: /etc/nginx/library/resty/waf/load_ac.lua:76: attempt to call upvalue 'ac_create' (a nil value)
stack traceback:
coroutine 0:
	/etc/nginx/library/resty/waf/load_ac.lua: in function 'create_ac'
	/etc/nginx/library/resty/waf/operators.lua:259: in function </etc/nginx/library/resty/waf/operators.lua:252>
	/etc/nginx/library/resty/waf.lua:297: in function '_process_rule'
	/etc/nginx/library/resty/waf.lua:543: in function 'exec'
	access_by_lua(proxy.conf:39):12: in function <access_by_lua(proxy.conf:39):1>, client: 172.31.98.150, server: _, request: "GET /?ok=%3Cscript%3Ealert(%27hi%27);%3C/script%3E HTTP/1.1", host: "test.beta:8080"

I solved the invalid URL prefix error by executing the WAF at the end of the block. It seems like when the WAF executed at the beginning it ignored all the code below and tried to do a proxy_pass with a blank variable. It works all fine if the WAF is not triggered, but as soon as it is triggered the 500 error appears. For now I have set the 500 error page to the WAF deny page. But I do need a permanent solution to this, I can't push this into production.

Thank You

[p0pr0ck5]

It seems lua-resty-waf is not installed correctly. How did you install this?

[xemose]

I used luarocks to install it, using the command below.

luarocks install lua-resty-waf

[xemose]

Can someone help me resolve this issue?

[V1og]

hello xemose, have you solve this problem?

[AlpYilmazz]

@xemose @V1og This error means the waf module cannot find the lua-aho-corasick library which should have been installed as libac.so to /usr/local/openresty/site/lualib (check the Makefile), most probably this step is not the issue, probably the issue is that you should specify
lua_package_cpath "/usr/local/openresty/site/lualib/?.so;;"
directive in nginx conf file.