Public/Safe3-uusec-waf
2
0
Fork 0
mirror of https://github.com/Safe3/uusec-waf.git synced 2025-10-04 15:01:55 +08:00
Code Issues Projects Releases Packages Wiki Activity
Safe3-uusec-waf/rules/third_party/high-frequency-error-protection.lua
UUSEC Technology e66cca6014 v7.0.0 
### Feature Updates

**Interface & Management**

- Redesigned main program and management interface with improved aesthetics and usability, supports UI language switching (English/Chinese)
- Added Rule Collections functionality: Create custom rule templates for batch configuration
- Introduced whitelist rules that terminate further rule matching upon success
- UUSEC WAF Rules API intelligent suggestions during advanced rule editing:ml-citation
- New plugin management supporting hot-reloaded plugins to extend WAF capabilities

**Protocol & Optimization**

- Supports streaming responses for continuous data push (e.g., LLM stream outputs)
- Enables Host header modification during proxying for upstream service access
- Search engine validation: `waf.searchEngineValid(dns,ip,ua)` prevents high-frequency rules from affecting SEO indexing
- Interception log report generation (HTML/PDF exports)
- Automatic rotation of UUSEC WAF error/access logs to prevent performance issues

**Security & Infrastructure**

- Expanded free SSL certificate support: HTTP-01 & DNS-01 verification across 50+ domain providers
- Customizable advanced WAF settings: HTTP2, GZIP, HTTP Caching, SSL protocols, etc
- Cluster configuration: Manage UUSEC WAF nodes and ML servers via web UI
2025-07-02 09:47:41 +08:00

47 lines
1.1 KiB
Lua
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

--[[
规则名称: 高频错误防护
过滤阶段: 返回HTTP头阶段
危险等级: 中危
规则描述: 针对频繁触发错误的请求的行为进行防护
作者: MCQSJ(https://github.com/MCQSJ)
更新日期: 2024/12/21
--]]
local function isSpecifiedError(status)
local allowed_errors = {400, 401, 403, 404, 405, 429, 444}
return waf.inArray(status, allowed_errors)
end
-- 配置参数
local threshold = 10 -- 错误次数阈值
local timeWindow = 60 -- 时间窗口,单位为秒
local banDuration = 1440 * 60 -- 封禁时间1440分钟 = 86400秒
local ip = waf.ip
local status = waf.status
if not isSpecifiedError(status) then
return false
end
local errorCache = waf.ipCache
local errorKey = "error:" .. ip
local errorCount, flag = errorCache:get(errorKey)
if not errorCount then
errorCache:set(errorKey, 1, timeWindow)
else
if flag == 2 then
return waf.block(true)
end
errorCache:incr(errorKey, 1)
if errorCount + 1 >= threshold then
errorCache:set(errorKey, errorCount + 1, banDuration, 2)
return true, "高频错误触发IP已被封禁", true
end
end
return false
Reference in a new issue View git blame Copy permalink