Skip to content

icodus/xGuard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
.github
.github
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
xG_log.conf
xG_log.conf
 
 
xG_switchgear.conf
xG_switchgear.conf
 
 
xGuard-mappings.conf
xGuard-mappings.conf
 
 
xGuard.conf
xGuard.conf
 
 
xguard-fb-foregrounds-2.jpg
xguard-fb-foregrounds-2.jpg
 
 

Repository files navigation

xGuard

Nginx Firewall

Logo

This is a kind of a fork of the famous 7G Firewall by Jeff Starr.

The code here is based on Jeff Cleverley's GridPane Nginx Configs but modified to better meet Nginx standards.

Should be a bit more reliable and a bit faster.

Logging

xG.log example:

[17/Apr/2024:09:35:30]["bad_querystring_6" "bad_request_24"] 192.168.100.112 gem.domain.com "GET /sheller.js?v=fckeditor HTTP/2.0" 403 0.000 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"

Whitelisting (not a part of this repository)

all in one whitelist.conf example:

#whitelist bad_querystring_6 and bad_referer_13 on gem.domain.com  
"~*(gem.domain.com):(.*)(bad_querystring_6|bad_referer_13)";
#whitelist static files everywhere
"~*(\.(jpg|css|png)):(.*)";
#whitelist bad_request_24 coming from 192.168.100.103  
"~*(192.168.100.103):(.*)(bad_request_24)";
#whitelist bad_querystring_6 and bad_request_24 if query string contains "page=seopress-google-analytics&code"
"~*(page=seopress-google-analytics&code):(.*)(bad_querystring_6|bad_request_24)";

more to come..

About

Nginx firewall

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published