| #/* |
| # * Copyright (c) 2012 Adobe Systems Incorporated. All rights reserved. |
| # * |
| # * Permission is hereby granted, free of charge, to any person obtaining a |
| # * copy of this software and associated documentation files (the "Software"), |
| # * to deal in the Software without restriction, including without limitation |
| # * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| # * and/or sell copies of the Software, and to permit persons to whom the |
| # * Software is furnished to do so, subject to the following conditions: |
| # * |
| # * The above copyright notice and this permission notice shall be included in |
| # * all copies or substantial portions of the Software. |
| # * |
| # * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| # * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| # * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| # * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| # * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| # * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| # * DEALINGS IN THE SOFTWARE. |
| # * |
| # */ |
| location / { |
| LearningMode; #learning mode enabled, will not block requests, used for generating whitelists |
| SecRulesEnabled; |
| DeniedUrl "/RequestDenied"; |
| |
| |
| CheckRule "$SQL >= 8" BLOCK; |
| CheckRule "$RFI >= 8" BLOCK; |
| CheckRule "$XSS >= 8" BLOCK; |
| CheckRule "$TRAVERSAL >= 8" BLOCK; |
| CheckRule "$EVADE >= 8" BLOCK; |
| root /etc/api-gateway/html; |
| index index.html index.htm; |
| } |
| |
| |
| location /health-check { |
| access_log off; |
| default_type application/json; |
| content_by_lua_block { |
| local cjson = require "cjson" |
| local s = {} |
| s.status = "API-Gateway is running" |
| if jit then |
| s.lua_version = jit.version |
| else |
| s.lua_version = "LuaJIT is not enabled" |
| end |
| |
| local config_status = ngx.location.capture("/config-status"); |
| if (config_status) then |
| s.config = cjson.decode(config_status.body) |
| end |
| |
| ngx.say(cjson.encode(s)) |
| } |
| } |
| |
| location /config-status { |
| access_log off; |
| proxy_pass http://127.0.0.1:8888/health-check; |
| } |
| |
| |
| location /RequestDenied { |
| return 500; |
| } |
| error_page 500 501 502 503 504 /50x.html; |
| |
| location /50x.html { |
| more_set_headers 'Content-Type: application/json'; |
| return 500 '{"code":$status, "message":"Oops. Something went wrong. Check your URI and try again."}\n'; |
| } |