rack-shield 1.2.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -0
- data/lib/rack/shield/version.rb +1 -1
- data/lib/rack/shield.rb +12 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a08b10397030d6fb099720d6d2012adee70498c920e3cd058390dfab5ddfa4b0
|
4
|
+
data.tar.gz: 3270af671fe6fc922884ac0b54fe13432e25db90d1dfee511b48add36cef4e5e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bf63b373e4028d497234fd10a78b57084225ac43893794a92ee9e7f81e0ae224afda214ec39b13ac723c9cad82bd092ba8081430c070d6eef6565e552d70309f
|
7
|
+
data.tar.gz: 35593332faa7b985a5f227d014ae280344041eb0d69f783ce4e4ca7b855da6888dc464031bd2ae8f796e203e0d8546ddbdb5f8ac04e95176fab59f0ba992d7ec
|
data/README.md
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
[![Gem Version](https://badge.fury.io/rb/rack-shield.svg)](http://badge.fury.io/rb/rack-shield) [![build](https://github.com/mtgrosser/rack-shield/actions/workflows/build.yml/badge.svg)](https://github.com/mtgrosser/rack-shield/actions/workflows/build.yml)
|
2
|
+
|
1
3
|
![Shield](https://raw.githubusercontent.com/mtgrosser/rack-shield/master/doc/shield.svg)
|
2
4
|
|
3
5
|
# Rack::Shield
|
data/lib/rack/shield/version.rb
CHANGED
data/lib/rack/shield.rb
CHANGED
@@ -8,7 +8,7 @@ require_relative 'shield/request_ext'
|
|
8
8
|
module Rack
|
9
9
|
module Shield
|
10
10
|
DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
|
11
|
-
/\.(php
|
11
|
+
/\.(php\d?|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp)\z/i,
|
12
12
|
'cgi-bin',
|
13
13
|
'phpmyadmin',
|
14
14
|
'/pma/',
|
@@ -54,12 +54,22 @@ module Rack
|
|
54
54
|
'/aspnet-ajax/',
|
55
55
|
'/Portal.mwsl',
|
56
56
|
'/adminer',
|
57
|
+
'/appsuite/signin',
|
58
|
+
'/io.ox/',
|
59
|
+
'/tkset/',
|
60
|
+
'/bakula-web',
|
61
|
+
'/snort/',
|
62
|
+
'/officescan/',
|
63
|
+
'/servlet/',
|
64
|
+
'/ox6/',
|
65
|
+
'/ws_utc/',
|
57
66
|
/\A\/"/,
|
58
67
|
/\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
|
59
68
|
/\/old\/?\z/,
|
60
69
|
/\/\.env\z/,
|
61
70
|
/\A\/old-wp/,
|
62
|
-
/\A\/(wordpress|wp)(\/|\z)
|
71
|
+
/\A\/(wordpress|wp)(\/|\z)/,
|
72
|
+
/Open-Xchange/i]
|
63
73
|
|
64
74
|
DEFAULT_QUERIES = [/SELECT.+FROM.+/i,
|
65
75
|
/SELECT.+COUNT/i,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-shield
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matthias Grosser
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-05-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack-attack
|