"GET /en/stores?page=185&country=US&sort=default&alpha= HTTP/1.1" 200 227757 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0"
翻页功能禁止使用:
/stores?page=1
/stores?page=2
/stores?page=3
完整链接:https://www.xx.com/stores?page=1
WAF web_acl配置
Rules:---->Add Rules---->Add my own rules and rule groups
Rule type:Rule builder
Rule:
Name: url_deny 自定义名称
Type:Regular rule
If a request matches all the statements (AND)
Statement 1
Field to match:URI path
Positional constraint:Contains string
Search string: /stores
Text transformations
- None (Priority 0)
AND
Statement 2
Field to match :Query string
Positional constraint:Contains string
Search string: page
Text transformations
- None (Priority 0)
action:block拒绝访问
意思是先满足链接中带有/stores,再满足链接中带有 page,才能拒绝访问,返回403 Forbidden
这样链接中带有/stores可以访问,但是同时满足 2 个条件就不能访问
规则:拒绝 page>=2 的请求
- 匹配条件:Query string 的正则匹配 (Matches regular expression) `page=([2-9]|[1-9][0-9]+)`
- 动作:Block
预设规则: Allow
此规则透过正则表达式撰写,若匹配到 Query String 中 page>=2 的整数,WAF 会阻挡该请求
