-
-
Notifications
You must be signed in to change notification settings - Fork 50
/
nginx.conf
executable file
·76 lines (67 loc) · 3.39 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
worker_processes 1;
error_log logs/error.log info;
events {
worker_connections 512;
}
http {
include mime.types;
sendfile on;
server {
client_max_body_size 0;
location /VulnerableApp {
# As VulnerableApp-Facade should run even if some of the Vulnerable Applications are not present
# there for added below configuration.
# https://stackoverflow.com/questions/32845674/setup-nginx-not-to-crash-if-host-in-upstream-is-not-found
resolver 127.0.0.11;
set $VulnerableApplication VulnerableApp-base;
proxy_pass http://$VulnerableApplication:9090;
}
location /VulnerableApp-jsp {
# As VulnerableApp-Facade should run even if some of the Vulnerable Applications are not present
# there for added below configuration.
# https://stackoverflow.com/questions/32845674/setup-nginx-not-to-crash-if-host-in-upstream-is-not-found
resolver 127.0.0.11;
set $VulnerableApplication VulnerableApp-jsp;
proxy_pass http://$VulnerableApplication:8080;
}
location /VulnerableApp-php {
# As VulnerableApp-Facade should run even if some of the Vulnerable Applications are not present
# there for added below configuration.
# https://stackoverflow.com/questions/32845674/setup-nginx-not-to-crash-if-host-in-upstream-is-not-found
resolver 127.0.0.11;
set $VulnerableApplication VulnerableApp-php;
proxy_pass http://$VulnerableApplication:80;
}
location = /VulnerabilityDefinitions {
default_type 'application/json';
content_by_lua_block {
local vulnerableAppResponse = ngx.location.capture("/VulnerableApp/VulnerabilityDefinitions")
local vulnerableAppJspResponse = ngx.location.capture("/VulnerableApp-jsp/VulnerabilityDefinitions")
local vulnerableAppPhpResponse = ngx.location.capture("/VulnerableApp-php/VulnerabilityDefinitions")
ngx.say(require("vulnerableapp_utility").merge_vulnerability_information(vulnerableAppResponse, vulnerableAppJspResponse, vulnerableAppPhpResponse))
}
}
location = /scanner/dast {
default_type 'application/json';
content_by_lua_block {
local vulnerableAppResponse = ngx.location.capture("/VulnerableApp/scanner")
local vulnerableAppJspResponse = ngx.location.capture("/VulnerableApp-jsp/scanner/dast")
local vulnerableAppPhpResponse = ngx.location.capture("/VulnerableApp-php/scanner/dast")
ngx.say(require("vulnerableapp_utility").merge_vulnerability_information(vulnerableAppResponse, vulnerableAppJspResponse, vulnerableAppPhpResponse))
}
}
location = /scanner/sast {
default_type 'application/json';
content_by_lua_block {
local vulnerableAppResponse = ngx.location.capture("/VulnerableApp/scanner/sast")
local vulnerableAppJspResponse = ngx.location.capture("/VulnerableApp-jsp/scanner/sast")
local vulnerableAppPhpResponse = ngx.location.capture("/VulnerableApp-php/scanner/sast")
ngx.say(require("vulnerableapp_utility").merge_vulnerability_information(vulnerableAppResponse, vulnerableAppJspResponse, vulnerableAppPhpResponse))
}
}
location / {
root /usr/share/nginx/html;
}
}
# https://serverfault.com/questions/379675/nginx-reverse-proxy-url-rewrite
}