openresty nginx windows 屏蔽request_body请求中sql注入

1. 准备

openresty nginx程序。openresty@https://github.com/openresty/openresty

用法，文档。lua-nginx-module@https://github.com/openresty/lua-nginx-module

perl 命令。perl任意发行版。

2. nginx.conf

注意：匹配sql注入正则表达式，需要自己准备。下面的正则不知道有没有效。

worker_processes  1;
error_log logs/error.log;
events {
    worker_connections 1024;
}
http {
    server {
        listen 8080;
        location /api {
            default_type text/html;
            lua_need_request_body on;
            access_by_lua_block {
                local body = ngx.var.request_body
                if ngx.var.request_method == "POST" and body ~= nil then
                    local regex = "(.*?((select)|(from)|(count)|(delete)|(update)|(drop)|(truncate)).*?){2,}"
                    local m = ngx.re.match(body, regex)
                    if m then ngx.exit(404) end
                end
            }
            proxy_pass http://127.0.0.1;
        }
    }
}