alexazhou / verynginx
A very powerful and friendly nginx based on lua-nginx-module (OpenResty) which provides WAF, Control Panel, and Dashboards.
License: GNU Lesser General Public License v3.0
Now only the args of get request will be checked by the args filter
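Our website currently sets a value in a cookie for A/B testing, to redirect some users to the canary environment. Is redirecting based on a cookie supported?
Hello, I would like to ask the author how the data exchange between VeryNginx's backend Lua data collection and the frontend JS interface display is implemented. How does the JS read the data collected by Lua, and does it affect performance? I have recently been developing something like this too, but I am just a beginner and don't know much. I would appreciate your advice; you can also email me at Email:[email protected]. Thank you for your guidance~
With nothing but URIs it is really impossible to read. Or could you add an option to filter by domain name?
PS: By the way, why are two letters capitalized in "ABout" on the admin page? Is it a typo or intentional?
PS2: Overall it is still very exciting; I hope it keeps getting more powerful.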
Ajax request failed [status code = 200]……
Although I already told you on WeChat, I'll open an issue anyway (
:(
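I changed the /verynginx path in the VeryNginx configuration interface and then got a 500. Then I deleted the opt folder outright and installed VeryNginx again, and still got a 500. After that I recompiled nginx, and still got a 500. So strange 😭
VeryNginx only worked the first time I configured it. After changing the VeryNginx access path, I can't get it to work no matter what :(
The simple and crude approach is:
When an IP exceeds 300 requests, automatically classify it as an attacking IP and add it to the firewall.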
-L/usr/local/VeryNginx/openresty-1.9.7.4/build/luajit-root/opt/verynginx/openresty/luajit/lib -Wl,-rpath,/opt/verynginx/openresty/luajit/lib -Wl,-E -lpthread -lcrypt -L/usr/local/VeryNginx/openresty-1.9.7.4/build/luajit-root/opt/verynginx/openresty/luajit/lib -lluajit-5.1 -lm -ldl -L/usr/local/VeryNginx/openresty-1.9.7.4/build/luajit-root/opt/verynginx/openresty/luajit/lib -lluajit-5.1 -lm -ldl -lpcre -lssl -lcrypto -ldl -lz
objs/addon/src/ngx_http_lua_regex.o: In function `ngx_http_lua_regex_free_study_data':
/usr/local/VeryNginx/openresty-1.9.7.4/build/nginx-1.9.7/../ngx_lua-0.10.2/src/ngx_http_lua_regex.c:1953: undefined reference to `pcre_free_study'
objs/addon/src/ngx_http_lua_regex.o: In function `ngx_http_lua_ffi_destroy_regex':
/usr/local/VeryNginx/openresty-1.9.7.4/build/nginx-1.9.7/../ngx_lua-0.10.2/src/ngx_http_lua_regex.c:2347: undefined reference to `pcre_free_study'
collect2: ld returned 1 exit status
make[2]: *** [objs/nginx] Error 1
make[2]: Leaving directory `/usr/local/VeryNginx/openresty-1.9.7.4/build/nginx-1.9.7'
make[1]: *** [build] Error 2
make[1]: Leaving directory `/usr/local/VeryNginx/openresty-1.9.7.4/build/nginx-1.9.7'
make: *** [all] Error 2
*** The installing stopped because something was wrong
I cloned the project and ran install in the shell, but it failed; there is some info here. So what do I do?
My server's env is here:
[root@localhost VeryNginx]# uname -a
Linux localhost.localdomain 2.6.32-042stab113.11 #1 SMP Fri Dec 18 17:32:04 MSK 2015 i686 i686 i386 GNU/Linux
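Hi, 周为
I noticed that the code has no logic for saving policies. In fact, after adding policies on the page and restarting the service, those policies disappear. Would you suggest that I help you fix this, or rather refactor it?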
Your project looks really nice, although I must admit that I don't speak your language :)
Is it possible to have it at least in English?
https://api.solarhell.com/VeryNginx/dashboard/index.html
I want to use TLS with it. I have already changed the http resources to https, but when I type verynginx to log in, the screen just didn't change.
I hope you can fix it. Thanks.
Hi,
I found that the software openresty updated to version 1.9.7.3, and the filename has been changed to openresty-1.9.7.3.tar.gz from ngx_openresty-1.x.x.x.tar.gz.
Pls modify the chapters "安装 Nginx / OpenResty" in file readme.md.
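I'm a newbie; sorry to trouble you.
I want to use it in a production environment.
After I installed it successfully, all features work normally, but after enabling the attack_sql_0 statistics under Config -> Summary -> Request Summary, the following error appears in error.log: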
2016/07/14 18:55:14 [error] 8627#0: 22 failed to run log_by_lua: ...verynginx/verynginx/lua_script/module/request_tester.lua:111: API disabled in the context of log_by_lua*
stack traceback:
[C]: in function 'read_body'
...verynginx/verynginx/lua_script/module/request_tester.lua:111: in function <...verynginx/verynginx/lua_script/module/request_tester.lua:84>
...verynginx/verynginx/lua_script/module/request_tester.lua:18: in function 'test'
/opt/verynginx/verynginx/lua_script/module/summary.lua:52: in function 'log'
/opt/verynginx/verynginx/lua_script/on_log.lua:5: in function </opt/verynginx/verynginx/lua_script/on_log.lua:1> while logging request, client: 10.68.31.75, server: , request: "GET /verynginx/status HTTP/1.1", host: "10.68.16.65", referrer: "http://10.68.16.65/verynginx/index.html"
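As a result, SQL attack data cannot be counted. Can any of you experts see what the problem is?
My complete installation script is as follows (Ubuntu 14 server 64-bit, no errors during installation):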
cd ~
sudo su
apt-get update
apt-get install make
ln -s /usr/bin/make /usr/bin/gmake
apt-get install gcc
apt-get install libpcre3 libpcre3-dev
apt-get install openssl libssl-dev
apt-get install git
git clone https://github.com/alexazhou/VeryNginx.git
cd VeryNginx
python install.py install
/opt/verynginx/openresty/nginx/sbin/nginx
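Mainly I want to apply a Frequency Limit check to the API. If a frontend ajax request exceeds the limit, then once this specific JSON is received, the UI can respond accordingly, for example by prompting the user: "You are performing this operation too frequently, please try again later!"
301 to a URL, thanks.
After logging in, refreshing the browser logs me out again, back to the login screen asking for username and password. :100: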
make[2]: Leaving directory '/root/openresty-1.9.7.5/build/nginx-1.9.7'
make[1]: Leaving directory '/root/openresty-1.9.7.5/build/nginx-1.9.7'
cp -r -f ./verynginx /opt/verynginx
cp: cannot stat './verynginx': No such file or directory
*** The installing stopped because something was wrong
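Is it still usable if the installation got this far?
After VeryNginx starts, you can access the admin panel through a browser to view status and configure it.
The admin panel address is http://{{your_machine_address}}/VeryNginx/index.html.
It should actually be lowercase: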
http://{{your_machine_address}}/verynginx/index.html
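A website with an existing domain occupies ports 80 and 443. Accessing VeryNginx automatically redirects to the domain plus /VeryNginx/dashboard/index.html, and none of the links on that page can be opened.
How can I customize the port used to access VeryNginx?
Something like server { listen:8080} ?
SQL injection, CC attacks, malicious scanning and the like~~
AlexaZhou, VeryNginx is very good; thank you for your hard work.
Adding a caching feature would make it pretty much perfect.
Also, can the SQL protection rules be customized?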
The address of dashboard is http://{{your_machine_address}}/VeryNginx/index.html
It should be:
The address of dashboard is http://{{your_machine_address}}/vn/index.html
I took a look, and the 3 files that need to be included contain no server information
include /opt/verynginx/verynginx/nginx_conf/in_external.conf;
include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf;
include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf;
Do I need to manually put \dashboard into the directory and then access it?
Can this protect against XSS injection?
And you need to run "nginx -s reload" to apply the new config to all workers
What about extracting the default VeryNginx configuration from nginx.conf into a separate file and then including it from nginx.conf by default?
If there is any update to this configuration in the future, upgrading will be simpler.
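Can VeryNginx be registered as a service directly after installation?
Currently, after VeryNginx is installed it has to be started manually. After installation, could it be written directly under /etc/init.d/?
Although I can use a rewrite rule to make a shortened URL, how can I block access from the original /verynginx/dashboard/ ?
Is the upstream feature supported? Is there a plan to open it up?
Does the author have an instant-messaging contact? The details of the error cannot be shown publicly.
I tried to change the username and password, but I can't save it.
And there is only encrypt_seed.json in /opt/verynginx/verynginx/configs.
Adding anti-injection rules such as "and 1=1" and "and 1=2" immediately gives a 500.
Sorry to bother you with a very basic question. After installing with install.py, I get a 404 when opening the admin page. I went into nginx.conf: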
location = / {
root html;
index index.html index.htm;
Is it because I need to change the directory it points to?
It may crash at submit
failed to get post args: requesty body in temp file not supported
This sometimes appears when saving the configuration,
and after that no further changes can be saved; they can't be saved even after a reload,
the only option is to stop nginx.
When posting very big data or uploading a file, nginx may cache the data to a disk file, and get_post_args will raise an exception "requesty body in temp file not supported"
The property of the status chart needs to be improved
We need an install script to make installation easier
I add a new condition
Type : Host
Operator : Equal
Value : example.com
How do I test this condition Host Matcher?
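I hope to be able to see the UA.
VeryNginx is very well done; I have to give it a thumbs up. But there are still some security issues.
The admin panel address: in nginx reverse-proxy mode, the VeryNginx admin panel can be reached directly at www.xxx.com (the reverse-proxied domain)/verynginx/index.html, which is really quite insecure. I also tried all kinds of changes and could not fix this problem.
In the cookie validation a verynginx field appears. A name like this becomes a strong fingerprint that gives people something to target.
I suggest leaving room for users to change these two things themselves. Many thanks to the author all the same.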