003_CRLF injection vulnerability

    I.

    (1)

    A CRLF injection vulnerability was reported against the production site. It is only exposed when ports 80 and 443 are both enabled at the same time; the configuration is as follows:

    server {
        listen      80;
        listen      443 ssl;
        server_name www.jyall.cn;
        access_log  /data/log/nginx/www.jyall.cn.access.log ngx_main;
        error_log   /data/log/nginx/www.jyall.cne.error.log;
    
        charset utf-8;
        underscores_in_headers on;
    
        ssl_certificate           ssl/www.jyall.cn-2019-12-13.crt;
        ssl_certificate_key       ssl/www.jyall.cn-2019-12-13.key;
        ssl_session_timeout       5m;
        ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers               ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
    
        set $rewrite_status 0;
    
        if ($https_status = off) {
            set $rewrite_status "${rewrite_status}1";
        }
    
        if ($scheme = http) {
            set $rewrite_status "${rewrite_status}2";
        }
    
        if ($https = on) {
            set $https_status $https;
        }
    
        if ($rewrite_status = 012) {
            rewrite / https://$host$request_uri permanent;
            break;
        }
    
        location  / {
            allow 0.0.0.0/24;
            deny all;
            proxy_pass http://www.baidu.com;
        }
    
        location  /test {
            default_type application/json;
            return 200 '{"status":"success","result_https":$scheme-$server_name$request_uri}';
        }
    
    }
    

    (2)

    Changing rewrite / https://$host$uri permanent; to rewrite / https://$host$request_uri permanent; fixes it. The reason is that $uri is the normalized, percent-decoded request path, so an encoded %0d%0a in the request becomes a literal CR LF inside the Location header that the rewrite builds, and the client-controlled path can then add header lines of its own; $request_uri is the original request target exactly as the client sent it, still encoded, so no CR LF reaches the header.
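The following is an added example, not code from the original post: a self-contained Python model of the two rewrite variants that runs without nginx. The functions nginx_uri() and nginx_request_uri() are assumptions that approximate how nginx derives $uri and $request_uri from the request line (query stripped and percent-decoding applied for $uri; nothing touched for $request_uri), and the host name and request path are constructed sample values. It builds the Location header both ways, applies the check a defender should apply to any header value assembled from client input (no CR or LF present), and parses the resulting response the way a client would, so the extra header line produced by the $uri variant is visible.

```python
# Added example, not code from the original post: a self-contained model of why
# "rewrite / https://$host$uri permanent;" is open to CRLF injection and
# "rewrite / https://$host$request_uri permanent;" is not. Runs without nginx.
# Assumption: nginx_uri()/nginx_request_uri() below approximate how nginx
# derives $uri and $request_uri from the request line; nginx does not re-encode
# $uri or reject CR/LF when it builds the Location header from a rewrite target.
from urllib.parse import unquote

# Constructed sample input: a request path carrying an encoded CR LF followed
# by text shaped like a header line.
HOST = "www.example.com"
CRLF_REQUEST = "/%0d%0aX-Test:%20crlf"


def nginx_request_uri(request_line_target: str) -> str:
    """Model of $request_uri: the original request target, left untouched."""
    return request_line_target


def nginx_uri(request_line_target: str) -> str:
    """Model of $uri: query string removed, percent-encoding decoded.

    Real nginx also normalises "." / ".." segments and repeated slashes;
    that is omitted here (assumption: not relevant to the CRLF point).
    """
    path = request_line_target.split("?", 1)[0]
    return unquote(path)


def build_location(host: str, target: str, use_decoded_uri: bool) -> str:
    """Value nginx puts into Location for the two rewrite variants."""
    tail = nginx_uri(target) if use_decoded_uri else nginx_request_uri(target)
    return f"https://{host}{tail}"


def header_value_is_safe(value: str) -> bool:
    """A header value must never contain CR or LF; this is the check to apply
    to any value assembled from client input before it is emitted."""
    return "\r" not in value and "\n" not in value


def render_redirect(host: str, target: str, use_decoded_uri: bool) -> str:
    """Serialise the 301 response the way a server that performs no header
    validation would: the Location value is spliced in verbatim."""
    location = build_location(host, target, use_decoded_uri)
    return (
        "HTTP/1.1 301 Moved Permanently\r\n"
        f"Location: {location}\r\n"
        "Content-Length: 0\r\n"
        "\r\n"
    )


def parse_response_headers(raw: str) -> dict:
    """Minimal header parser standing in for the client: it sees whatever
    header lines the CR LF splitting produced."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:      # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def compare_variants(host: str = HOST, target: str = CRLF_REQUEST) -> dict:
    """Run both rewrite variants over the same request and report what the
    client ends up parsing for each."""
    report = {}
    for label, decoded in (("$uri", True), ("$request_uri", False)):
        location = build_location(host, target, decoded)
        headers = parse_response_headers(render_redirect(host, target, decoded))
        report[label] = {
            "location_safe": header_value_is_safe(location),
            "injected_header_seen": "X-Test" in headers,
            "headers": headers,
        }
    return report


if __name__ == "__main__":
    for label, result in compare_variants().items():
        print(f"{label:13} safe={result['location_safe']} "
              f"injected={result['injected_header_seen']} "
              f"headers={result['headers']}")
```

Running the module shows the $uri variant producing an unsafe Location value and an X-Test header that the client parses as a real response header, while the $request_uri variant keeps the encoded %0d%0a inside the Location value and yields no extra header. The same header_value_is_safe() check is the one to keep in any code path that copies request data into a response header.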

Original article: https://www.cnblogs.com/itcomputer/p/9078985.html