From f7f2a089e609b3bb25685f31cb247b674b80e9af Mon Sep 17 00:00:00 2001
From: weakestan <22886548@qq.com>
Date: Tue, 7 Aug 2018 08:05:43 +0800
Subject: [PATCH 01/11] Update config.lua
---
config.lua | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/config.lua b/config.lua
index 6e66ce6..e588c32 100644
--- a/config.lua
+++ b/config.lua
@@ -1,23 +1,36 @@
-RulePath = "/usr/local/nginx/conf/waf/wafconf/"
+RulePath = "/etc/nginx/waf/wafconf/"
attacklog = "on"
-logdir = "/usr/local/nginx/logs/hack/"
+--保存日志到文件
+logtofile = "off"
+logdir = "/var/log/nginx/"
+--保存日志到syslog,采用nginx设置
+logtoserver = "on"
+--通过log日志方式提交hack_ip记录到ros(失败:ros没办法将udp提交的信息加载到地址表)
+loghack="off"
+--rosip='192.168.199.1'
+------------
UrlDeny="on"
Redirect="on"
CookieMatch="on"
postMatch="on"
whiteModule="on"
black_fileExt={"php","jsp"}
-ipWhitelist={"127.0.0.1"}
+ipWhitelist={"127.0.0.1","192.168.2.1"}
ipBlocklist={"1.0.0.1"}
-CCDeny="off"
-CCrate="100/60"
+--违规ip登记,是否限制访问。
+--hackrate超过10次/5秒,限制访问1800秒。
+hackipdeny="on"
+hackrate="10/60/1800"
+--cc攻击防范
+CCDeny="on"
+CCrate="30/60/30"
html=[[
网站防火墙