Releases: jazir555/NGINX-8G-Firewall

V2 - Events section added to the top of the config

15 Mar 01:59
535ea6b

Fixes a small issue of a missing event handler: one has been added to the top of the configuration file, above the HTTP block.

V1 full release

08 Dec 01:05
92f0dfb

This is the initial full release of the 8G nginx firewall rules.

Changes made:

  1. Removes unnecessary leading quote character from the XSS detection pattern.

  2. Adds word boundaries to the SQL injection patterns for improved accuracy.

  3. Adds a $ anchor at the end of the pattern so that it matches the TLD at the end of the domain, reducing false positives where those strings might appear as substrings.

  4. Modified some overly broad regex patterns

  5. Reduced redundancy

  6. Provides clearer, structured comments to explain each section.

  7. Ensured logging of blocked requests is in place and properly configured.

  8. Went ballistic and added more rules
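
The effect of changes 2 and 3 (word boundaries and the trailing $ anchor) can be measured on labelled samples. The following is an added example, not code from this repository: the patterns, keyword lists, TLDs and sample values are all constructed for illustration and are not the regexes shipped in the 8G rules.

```python
import re

# Constructed patterns for illustration only; NOT the regexes shipped in the 8G rules.
SQLI_LOOSE = re.compile(r"(union|select|sleep)", re.I)
SQLI_BOUNDED = re.compile(r"\b(union|select|sleep)\b", re.I)
TLD_LOOSE = re.compile(r"\.(xyz|top|click)", re.I)
TLD_ANCHORED = re.compile(r"\.(xyz|top|click)$", re.I)

# Constructed samples: (value, should_block)
QUERY_SAMPLES = [
    ("id=1+union+select+1,2", True),
    ("id=1;select+sleep(5)", True),
    ("album=reunion-2019", False),    # "union" inside "reunion"
    ("tab=selection", False),         # "select" inside "selection"
    ("theme=sleepy-hollow", False),   # "sleep" inside "sleepy"
    ("q=credit+union+hours", False),  # whole word: \b cannot tell this apart
]
DOMAIN_SAMPLES = [
    ("promo.spam-example.xyz", True),
    ("cheap-pills.example.top", True),
    ("www.topnews.example.com", False),      # ".top" is a label prefix, not the TLD
    ("cdn.clickstream.example.org", False),  # ".click" is a label prefix
    ("docs.xyz.example.net", False),         # ".xyz" is a middle label
]

def evaluate(pattern, samples):
    """Return (false_positives, misses) for a pattern over labelled samples."""
    false_positives = [v for v, bad in samples if not bad and pattern.search(v)]
    misses = [v for v, bad in samples if bad and not pattern.search(v)]
    return false_positives, misses

if __name__ == "__main__":
    checks = [
        ("sqli loose", SQLI_LOOSE, QUERY_SAMPLES),
        ("sqli bounded", SQLI_BOUNDED, QUERY_SAMPLES),
        ("tld loose", TLD_LOOSE, DOMAIN_SAMPLES),
        ("tld anchored", TLD_ANCHORED, DOMAIN_SAMPLES),
    ]
    for name, pattern, samples in checks:
        fps, misses = evaluate(pattern, samples)
        print(f"{name:13} false positives={fps} misses={misses}")
```

Word boundaries remove the substring false positives but still flag a keyword that appears as a whole word in benign input, so blocked-request logs remain the place to find rules that need an exception.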

Version 5 - Release Candidate

21 Oct 05:36
3518c81

Release Candidate version of the 8G NGINX firewall rules

V3

27 Aug 05:31
6ab5b22

V3 8G firewall with enhanced protections:

1. Additional Event Handler Coverage:

Expands coverage by adding modern event handlers such as touchstart, touchmove, pointerdown, pointerup, and wheel. These additions help mitigate more advanced XSS and DOM manipulation techniques targeting mobile and modern web apps.

2. More Comprehensive SQL Injection Protections:

Extends SQLi protection to include time-based SQL injection methods (pg_sleep, pg_terminate_backend) and encoding techniques (like hex(), ascii()), offering broader defense against various database types.

3. Extended Command Injection Protection:

Significantly expands command injection detection by including additional dangerous binaries and system commands, such as openssl, tcpdump, gdb, and strace. These are frequently used in post-exploitation scenarios and can be used for privilege escalation or lateral movement.

4. Improved Evasive Encoding Detection:

Incorporates detection for advanced encoding manipulation, such as base64 payloads and hex encoding strategies used to bypass standard input filters.

5. Expanded Directory Traversal and File Inclusion Protections:

Extends to block additional sensitive files (like .bash_history, .pem, php://stdin, and phar://). This enhances protection against RFI/LFI attacks targeting broader file systems.

6. Advanced User Agent Blocking:

Includes more modern attack tools and user agents for headless browsers (like puppeteer, selenium, phantomjs), which are often used in scraping or automated attacks.

7. Additional Referrer Blocking:

Introduces more sophisticated referrer blocking, targeting SEO spam and referrer manipulation attacks using base64-encoded data and javascript-injection techniques.

8. Expanded File Extension Coverage

9. Rate Limiting on More Paths:

10. Stricter SSRF Protection:

Strengthens protections against SSRF attacks by more thoroughly blocking internal network ranges, cloud metadata services (AWS, GCP), and expanding to IPv6.