Public/Safe3-uusec-waf
2
0
Fork 0
mirror of https://github.com/Safe3/uusec-waf.git synced 2025-10-04 06:51:54 +08:00
Code Issues Projects Releases Packages Wiki Activity
Safe3-uusec-waf/rules
History
Exact
UUSEC Technology e66cca6014 v7.0.0 
### Feature Updates

**Interface & Management**

- Redesigned main program and management interface with improved aesthetics and usability, supports UI language switching (English/Chinese)
- Added Rule Collections functionality: Create custom rule templates for batch configuration
- Introduced whitelist rules that terminate further rule matching upon success
- UUSEC WAF Rules API intelligent suggestions during advanced rule editing:ml-citation
- New plugin management supporting hot-reloaded plugins to extend WAF capabilities

**Protocol & Optimization**

- Supports streaming responses for continuous data push (e.g., LLM stream outputs)
- Enables Host header modification during proxying for upstream service access
- Search engine validation: `waf.searchEngineValid(dns,ip,ua)` prevents high-frequency rules from affecting SEO indexing
- Interception log report generation (HTML/PDF exports)
- Automatic rotation of UUSEC WAF error/access logs to prevent performance issues

**Security & Infrastructure**

- Expanded free SSL certificate support: HTTP-01 & DNS-01 verification across 50+ domain providers
- Customizable advanced WAF settings: HTTP2, GZIP, HTTP Caching, SSL protocols, etc
- Cluster configuration: Manage UUSEC WAF nodes and ML servers via web UI
2025-07-02 09:47:41 +08:00
..
third_party v7.0.0 2025-07-02 09:47:41 +08:00
abnormal-character-encoding-requests.lua v7.0.0 2025-07-02 09:47:41 +08:00
abnormal-cookies.lua v7.0.0 2025-07-02 09:47:41 +08:00
anti-cc.lua v7.0.0 2025-07-02 09:47:41 +08:00
asp-malformed-encoding-filtering.lua v7.0.0 2025-07-02 09:47:41 +08:00
boundary-exception-interception.lua v7.0.0 2025-07-02 09:47:41 +08:00
command-injection-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
cross-site-script-attack.lua v7.0.0 2025-07-02 09:47:41 +08:00
cve-2025-24813.lua v7.0.0 2025-07-02 09:47:41 +08:00
data-mask.lua v7.0.0 2025-07-02 09:47:41 +08:00
fastjson-vulnerability-interception.lua v7.0.0 2025-07-02 09:47:41 +08:00
force-https.lua v7.0.0 2025-07-02 09:47:41 +08:00
geo-block.lua v7.0.0 2025-07-02 09:47:41 +08:00
header-vulnerability.lua v7.0.0 2025-07-02 09:47:41 +08:00
high-frequency-access-restriction.lua v7.0.0 2025-07-02 09:47:41 +08:00
http-request-smuggling.lua v7.0.0 2025-07-02 09:47:41 +08:00
http-response-splitting.lua v7.0.0 2025-07-02 09:47:41 +08:00
http-splitting.lua v7.0.0 2025-07-02 09:47:41 +08:00
iis-error-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
imagemagick-vulnerability.lua v7.0.0 2025-07-02 09:47:41 +08:00
information-leakage-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
invalid-cookie-protocol.lua v7.0.0 2025-07-02 09:47:41 +08:00
invalid-header-protocol.lua v7.0.0 2025-07-02 09:47:41 +08:00
invalid-post-protocol.lua v7.0.0 2025-07-02 09:47:41 +08:00
invalid-querystring-protocol.lua v7.0.0 2025-07-02 09:47:41 +08:00
java-error-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
java-security-rule-set.lua v7.0.0 2025-07-02 09:47:41 +08:00
json-command-injection-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
json-sql-injection-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
ldap-injection.lua v7.0.0 2025-07-02 09:47:41 +08:00
path-traversal-attack.lua v7.0.0 2025-07-02 09:47:41 +08:00
php-error-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
php-security-rule-set.lua v7.0.0 2025-07-02 09:47:41 +08:00
proxy-header-sql-injection.lua v7.0.0 2025-07-02 09:47:41 +08:00
regional-access-restrictions.lua v7.0.0 2025-07-02 09:47:41 +08:00
request-body-size-limit.lua v7.0.0 2025-07-02 09:47:41 +08:00
request-method-enhancement.lua v7.0.0 2025-07-02 09:47:41 +08:00
rfi.lua v7.0.0 2025-07-02 09:47:41 +08:00
robot-attack-protection.lua v7.0.0 2025-07-02 09:47:41 +08:00
scanner-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
sensitive-file-leak-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
shellshock-vulnerability.lua v7.0.0 2025-07-02 09:47:41 +08:00
sql-error-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
sql-injection-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
turnstile-challenge.lua v7.0.0 2025-07-02 09:47:41 +08:00
universal-attack.lua v7.0.0 2025-07-02 09:47:41 +08:00
upload-file-content-filtering.lua v7.0.0 2025-07-02 09:47:41 +08:00
upload-file-name-filtering.lua v7.0.0 2025-07-02 09:47:41 +08:00
weak-password-detection.lua v7.0.0 2025-07-02 09:47:41 +08:00
xxe-attack.lua v7.0.0 2025-07-02 09:47:41 +08:00