Commit 22873d2 1 parent a6fa9bf commit 22873d2 Copy full SHA for 22873d2
File tree 1 file changed +28
-0
lines changed
1 file changed +28
-0
lines changed Original file line number Diff line number Diff line change 88 listen [::]:80;
99 client_max_body_size 0m ;
1010 location / {
11+ # Unauthenticated ReDoS prevention
12+ set $redos_check "" ;
13+ if ($request_uri ~* "(/login)" ){
14+ set $redos_check U;
15+ }
16+ if ($request_method = POST){
17+ set $redos_check "${redos_check}M" ;
18+ }
19+ if ($http_content_type != "application/x-www-form-urlencoded" ){
20+ set $redos_check "${redos_check}CT" ;
21+ }
22+ if ($redos_check = UMCT){
23+ return 403 ;
24+ }
1125 proxy_buffer_size 128k ;
1226 proxy_buffers 4 256k ;
1327 proxy_busy_buffers_size 256k ;
@@ -18,6 +32,20 @@ http {
1832 proxy_set_header X-Forwarded-Proto $scheme ;
1933 }
2034 location /legacy/ {
35+ # Unauthenticated ReDoS prevention
36+ set $redos_check "" ;
37+ if ($request_uri ~* "(/login)" ){
38+ set $redos_check U;
39+ }
40+ if ($request_method = POST){
41+ set $redos_check "${redos_check}M" ;
42+ }
43+ if ($http_content_type != "application/x-www-form-urlencoded" ){
44+ set $redos_check "${redos_check}CT" ;
45+ }
46+ if ($redos_check = UMCT){
47+ return 403 ;
48+ }
2149 proxy_buffer_size 128k ;
2250 proxy_buffers 4 256k ;
2351 proxy_busy_buffers_size 256k ;
You can’t perform that action at this time.
0 commit comments