How to use Linux server to enhance filtering and inspection of web interface?

How to use Linux server to enhance the filtering and inspection of Web interface?

As the main entrance to Internet applications, the security of Web interfaces has always attracted much attention. In order to protect the web interface, we usually take various measures to filter and inspect the request and response data of the interface. In this article, we will introduce how to use a Linux server to enhance filtering and inspection of web interfaces, and provide code examples.

1. Use Nginx for access control

Nginx is a high-performance HTTP reverse proxy server, which can be used as a front-end server for access control. By configuring Nginx, we can restrict access to specific IP addresses or IP address ranges to ensure that only legitimate requests can pass.

The sample configuration file is as follows:

server {
    listen 80;
    server_name example.com;

    location /api {
        deny 192.168.0.0/24;
        allow all;
    }

    location / {
        root /var/www/html;
        index index.html;
    }
}

In the above configuration, requests under the /api path will be restricted, and only access other than the IP address segment 192.168.0.0/24 will be allowed. Other requests will be redirected to the index.html file in the /var/www/html directory.

2. Use Nginx for request filtering

In addition to access control, we can also use Nginx for request filtering. By configuring Nginx's rewrite module and reverse proxy, we can filter out some malicious requests or illegal parameters.

The sample configuration file is as follows:

server {
    listen 80;
    server_name example.com;

    location /api {
        if ($args ~ (?:[^=s&]+)(?:&[^=s&]+)*$) {
            return 403;
        }

        proxy_pass http://backend;
    }

    location / {
        root /var/www/html;
        index index.html;
    }
}

In the above configuration, if the request parameter contains illegal characters or the parameter format is incorrect, a 403 error will be returned. Legitimate requests will be forwarded to the backend server.

3. Use ModSecurity for application layer firewall

Another way to strengthen the filtering and inspection of Web interfaces is to use ModSecurity, which is an open source Web application layer firewall. By configuring ModSecurity, we can perform in-depth inspection and filtering of request and response data.

The sample configuration file is as follows:

SecRuleEngine On

SecRequestBodyLimit 13107200
SecRequestBodyInMemoryLimit 13107200
SecRequestBodyNoFilesLimit 13107200
SecRequestBodyAccess On

SecRule REQUEST_METHOD "POST" "id:1,phase:1,t:none,pass,nolog,ctl:requestBodyProcessor=XML"

SecRule REQUEST_HEADERS:Content-Type "application/(?:json|xml)" 
  "id:2,phase:1,t:none,pass,nolog,ctl:requestBodyProcessor=JSON"

SecRule REQUEST_HEADERS:Content-Type "application/x-www-form-urlencoded" 
  "id:3,phase:1,t:none,pass,nolog,ctl:requestBodyProcessor=UTF8"

SecResponseBodyAccess Off

SecDefaultAction "phase:2,log,auditlog,pass"

<LocationMatch "^/api/">
  SecRuleRemoveById 920140
</LocationMatch>

In the above configuration, we enabled the ModSecurity engine and set limits on the request and response body sizes. Then, we process the request based on the Content-Type of the request and close access to the response body. Finally, we removed a specific rule to allow the request to go through.

In summary, by configuring Nginx and ModSecurity of the Linux server, we can strengthen the filtering and inspection of the Web interface. These methods can effectively protect our web applications from malicious requests and attacks. I hope this article can help everyone better improve the security of web interfaces.

(End of this article)

The above is the detailed content of How to use Linux server to enhance filtering and inspection of web interface?. For more information, please follow other related articles on the PHP Chinese website!