Filtering all requests

n1kt0 · August 10, 2022, 2:58pm

Good afternoon.

The question is, can I filter all traffic before Host or HostSNI works in a dynamic file?
What for? Lots of junk requests like

vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/pve2/ext6/theme-crisp/resources/theme-crisp-all.css
/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21
/pwt/css/ext6-pmx.css?ver=2.6-1
/proxmoxlib.js?ver=2.6-1
/phpmyadmin2014/index.php?lang=en

I want to proactively reject such requests before the rules are triggered. That is, some global filter that rejects vendor||pve2||HelloThinkPHP||phpmyadmin2014 requests.

I have settings for each host in separate files and it will be inconvenient to edit each one.

Thanks in advance.

douglasdtm · August 15, 2022, 12:36pm

Hi @n1kt0

I believe that would be the works of a WAF, currently we don't have any middleware to do that out of the box but I see there are some community plugins available in the catalog that deal with modsecurity and other WAF implementations.

Take a look and let us know if any of them is a good fit, it might be helpful for other users as well

Topic		Replies	Views
Middleware Path not blocking multiple forward slashes in url Traefik v2 (latest) file	7	85	April 17, 2024
Mitigation for CVE-2021-44228 Traefik v2 (latest) middleware	4	1883	December 20, 2021
Whitelist Configuration Traefik v2 (latest) middleware	4	1252	March 28, 2022
How to whitelist dynamic host IP Traefik v2 (latest) middleware	3	2008	October 12, 2022
Whitelist / acceslist in routers Traefik v2 (latest) docker , file	3	231	July 12, 2023

Filtering all requests

Related Topics