Labs/kartoteka
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Обновление 1.0

Browse Source
This commit is contained in:
brusnitsyn
2025-12-29 17:08:26 +09:00
parent c5c1a2b3e1
commit 56be95caa4
9 changed files with 191 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docker/app.conf
View File

@@ -106,8 +106,8 @@ server {
# ========== API ENDPOINTS ==========
location ~* ^/api/ {
limit_req zone=api_limit burst=15 delay=8;
limit_conn conn_limit_per_ip 15;
limit_req zone=api_limit burst=30 delay=15;
limit_conn conn_limit_per_ip 30;
access_log /var/log/nginx/api_access.log main;
@@ -129,8 +129,8 @@ server {
location ~ \.php$ {
# Дефолтные лимиты для всех PHP запросов
limit_req zone=req_limit_per_ip burst=20 delay=10;
limit_conn conn_limit_per_ip 20;
limit_req zone=req_limit_per_ip burst=30 delay=15;
limit_conn conn_limit_per_ip 30;
try_files $uri =404;
@@ -145,9 +145,9 @@ server {
fastcgi_temp_file_write_size 256k;
# Таймауты
fastcgi_connect_timeout 10s;
fastcgi_send_timeout 30s;
fastcgi_read_timeout 30s;
fastcgi_connect_timeout 60s;
fastcgi_send_timeout 600s;
fastcgi_read_timeout 600s;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
@@ -157,12 +157,8 @@ server {
# ========== ОСНОВНОЙ LOCATION ==========
location / {
# Блокировка сканирования
if ($request_uri ~* "(%0|%A|%0A|%0D|%0a|%0d)") {
return 444;
}
if ($query_string ~* "(union|select|insert|update|delete|drop|create|alter|exec)") {
if ($query_string ~* "(?:^|[^a-z])(?:union|select|insert|update|delete|drop|create|alter|exec)(?:[^a-z]|$)") {
return 444;
}

4
docker/nginx.conf
View File

@@ -40,7 +40,7 @@ http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
keepalive_timeout 75;
keepalive_requests 100;
types_hash_max_size 2048;
server_tokens off;
@@ -49,7 +49,7 @@ http {
client_body_timeout 12;
client_header_timeout 12;
send_timeout 10;
send_timeout 30;
reset_timedout_connection on;
client_header_buffer_size 1k;