
express-waf-middleware

A WAF (web application firewall) for Express.

Installation

$ npm install express-waf-middleware

Usage

// Middleware options. Each value is numeric: 1 enables the check, 0 disables it.
const waf_options = {
  // Inspect the request URL.
  url: 1,
  // Inspect the User-Agent header.
  userAgent: 1,
  // Inspect the request cookies.
  cookies: 1,
  // Inspect the request body.
  body: 1,
  // Print log information.
  log: 1,
};

// Register the WAF as application-level middleware.
app.use(express_waf_middleware(waf_options));

Example

const express = require('express');
const express_waf_middleware = require("express-waf-middleware");

const app = express();

// WAF options. Each value is numeric: 1 enables the check, 0 disables it.
const waf_options = {
  url: 1,        // inspect the request URL
  userAgent: 1,  // inspect the User-Agent header
  cookies: 1,    // inspect the request cookies
  body: 1,       // inspect the request body
  log: 1,        // print log information
};

// Mount the WAF before the routes so every request is inspected first.
app.use(express_waf_middleware(waf_options));

app.get('/', (req, res) => {
  res.send('Hello sharewaf.com');
});

app.listen(8000);

// Sample URLs for checking that the middleware is active; the last two contain
// patterns that appear in the rule list (rules.js).
console.log("Test server at port:8000");
console.log("You can use these urls for testing:");
console.log("http://127.0.0.1:8000/");
console.log("http://127.0.0.1:8000/add.asp?id=1' or select * from admin");
console.log("http://127.0.0.1:8000/<script>alert('hello');</script>");

WAF rules

You can edit the rules file; it is located at rules.js in the express-waf-middleware folder.

    // Excerpt of the rule list in rules.js. Every entry is a case-insensitive
    // regular expression (the /i flag).
    // NOTE(review): which request parts are tested (URL, User-Agent, cookies,
    // body) presumably follows the waf_options flags — confirm against the
    // middleware source.
    // SQL injection: SELECT ... FROM / LIMIT.
    /select.+(from|limit)/i,
    // SQL injection: UNION ... SELECT.
    /(?:(union(.*?)select))/i,
    // Time-based probing via sleep(<n>).
    /sleep\((\s*)(\d*)(\s*)\)/i,
    // GROUP BY followed by an opening parenthesis.
    /group\s+by.+\(/i,
    // Reads from the information_schema catalogue.
    /(?:from\W+information_schema\W)/i,
    // Calls to user()/current_user()/database()/schema()/connection_id().
    // NOTE(review): fully subsumed by the rule further down that additionally
    // matches version( — one of the two is redundant.
    /(?:(?:current_)user|database|schema|connection_id)\s*\(/i,
    // Tautology attempts of the form "... or ... = ...".
    // NOTE(review): "or" is not bounded by word boundaries and the "=" may
    // appear anywhere after it, so ordinary input such as "color = red" or
    // "red or blue&page=1" also matches. Expect false positives; consider
    // \bor\b and a tighter right-hand side.
    /\s*or\s+.*=.*/i,
    // ORDER BY ... ending in a SQL line comment (--) at end of input.
    /order\s+by\s+.*--$/i,
    // benchmark(<expr>,<expr>) time-based probing.
    /benchmark\((.*)\,(.*)\)/i,
    // base64_decode( call.
    /base64_decode\(/i,
    // Calls to user()/current_user()/database()/version()/schema()/connection_id().
    /(?:(?:current_)user|database|version|schema|connection_id)\s*\(/i,
    // File read / traversal targeting etc/passwd.
    /(?:etc\/\W*passwd)/i,
    // INTO OUTFILE / INTO DUMPFILE (file write through the database).
    /into(\s+)+(?:dump|out)file\s*/i,
    // Presumably targets Struts/XWork (OGNL) payloads.
    // NOTE(review): the "." is unescaped and so matches any character; \. is
    // probably intended.
    /xwork.MethodAccessor/i,
    // Function names (PHP and browser JavaScript) followed by "(".
    /(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\(/i,
    // Opening tag of HTML elements usable for markup/script injection.
    /\<(iframe|script|body|img|layer|div|meta|style|base|object|input)/i,
    // Inline event-handler attributes.
    /(onmouseover|onmousemove|onerror|onload)\=/i,
    // javascript: URL scheme.
    /javascript:/i,
    // Two-level directory traversal (../../).
    /\.\.\/\.\.\//i,
    // Shell command chaining: "||" before or after a command name.
    // NOTE(review): "ifconfog" in both rules looks like a typo for "ifconfig"
    // — confirm in rules.js. The short names (ls, ll, cd, cp, mv) are matched
    // as bare substrings (e.g. the "ls" inside "details"), so any "||" near
    // ordinary text is also flagged.
    /\|\|.*(?:ls|pwd|whoami|ll|ifconfog|ipconfig|&&|chmod|cd|mkdir|rmdir|cp|mv)/i,
    /(?:ls|pwd|whoami|ll|ifconfog|ipconfig|&&|chmod|cd|mkdir|rmdir|cp|mv).*\|\|/i,
    // URL schemes and stream wrappers (gopher, php, file, phar, ...) followed by "://".
    /(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\:\//i

Contact

For anything else, you can contact me at wangliwen@sharewaf.com