Nginx - SQL Injection Prevention

SQL Injection Prevention adalah langkah-langkah untuk mencegah serangan di mana penyerang menyisipkan SQL berbahaya ke dalam query database.

Berikut Konfigurasinya :

set $block_sql_injections 0;

if ($query_string ~ "union.*select.*\(") {
    set $block_sql_injections 1;
}
if ($query_string ~ "union.*all.*select.*") {
    set $block_sql_injections 1;
}
if ($query_string ~ "concat.*\(") {
    set $block_sql_injections 1;
}
if ($block_sql_injections = 1) {
    return 403;
}

Revision #2
Created 19 February 2025 03:30:03 by Kevin
Updated 19 February 2025 04:33:25 by Kevin