The plugin helps we intercept user requests, we only need to indicate the block_rules.
| Name | Type | Requirement | Default | Valid | Description |
|---|---|---|---|---|---|
| block_rules | array[string] | required | Regular filter rule array. Each of these items is a regular rule. If the current request URI hits any one of them, set the response code to rejected_code to exit the current user request. Example: ["root.exe", "root.m+"]. | ||
| rejected_code | integer | optional | 403 | [200, ...] | The HTTP status code returned when the request URI hit any of block_rules |
Here's an example, enable the uri blocker plugin on the specified route:
curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/*", "plugins": { "uri-blocker": { "block_rules": ["root.exe", "root.m+"] } }, "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:1980": 1 } } }'
$ curl -i http://127.0.0.1:9080/root.exe?a=a HTTP/1.1 403 Forbidden Date: Wed, 17 Jun 2020 13:55:41 GMT Content-Type: text/html; charset=utf-8 Content-Length: 150 Connection: keep-alive Server: APISIX web server ... ...
When you want to disable the uri blocker plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately:
curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/*", "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:1980": 1 } } }'
The uri blocker plugin has been disabled now. It works for other plugins.