[GH-ISSUE #100] 使用wordpress规则后waf不拦截 #211

New issue

Closed

opened 2026-03-13 17:03:32 +03:00 by kerem · 2 comments

kerem commented

2026-03-13 17:03:32 +03:00

Owner

Originally created by @opcache on GitHub (Jul 14, 2022).
Original GitHub issue: https://github.com/ADD-SP/ngx_waf/issues/100

版本：ngx_waf:v6.1.9
NGINX版本：nginx/1.22.0
NGINX配置：里面 include /etc/nginx/conf.d/rewrite/wordpress.conf;
wordpress规则：
`
cat wordpress.conf

location / {

index index.html index.php;

if (-f $request_filename/index.html){

rewrite (.*) $1/index.html break;

}

if (-f $request_filename/index.php){

rewrite (.*) $1/index.php;

}

if (!-f $request_filename){

rewrite (.*) /index.php;

}

`
验证命令：curl https://xxxxxx.com/phpmyadmin/dadmin.html
复现过程：加上wordpress规则，使用命令请求，出现不拦截报404，把wordpress规则去掉，出现拦截报403

Originally created by @opcache on GitHub (Jul 14, 2022). Original GitHub issue: https://github.com/ADD-SP/ngx_waf/issues/100 版本：ngx_waf:v6.1.9 NGINX版本：nginx/1.22.0 NGINX配置：里面 include /etc/nginx/conf.d/rewrite/wordpress.conf; wordpress规则： ` cat wordpress.conf location / { index index.html index.php; if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } if (!-f $request_filename){ rewrite (.*) /index.php; } } ` 验证命令：curl https://xxxxxx.com/phpmyadmin/dadmin.html 复现过程：加上wordpress规则，使用命令请求，出现不拦截报404，把wordpress规则去掉，出现拦截报403

kerem

2026-03-13 17:03:32 +03:00

closed this issue
added the
stale
label

kerem commented

2026-03-13 17:03:48 +03:00

Author

Owner

@hibobmaster commented on GitHub (Jul 18, 2022):

rewrite指令存在兼容性问题
https://docs.addesp.com/ngx_waf/guide/compatibility.html#module-compatibility

@hibobmaster commented on GitHub (Jul 18, 2022): rewrite指令存在兼容性问题 https://docs.addesp.com/ngx_waf/guide/compatibility.html#module-compatibility

kerem commented

2026-03-13 17:03:53 +03:00

Author

Owner

@stale[bot] commented on GitHub (Jul 25, 2022):

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
此 issue 因为最近没有任何活动已经被标记，如果在此之后的一段时间内仍没有任何活动则会被关闭。感谢您对项目的支持。

@stale[bot] commented on GitHub (Jul 25, 2022): This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. 此 issue 因为最近没有任何活动已经被标记，如果在此之后的一段时间内仍没有任何活动则会被关闭。感谢您对项目的支持。