Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Suggestion] Feature Enhancement and User Needs #1147

Open
soukouzen opened this issue Feb 5, 2025 · 0 comments
Open

[Suggestion] Feature Enhancement and User Needs #1147

soukouzen opened this issue Feb 5, 2025 · 0 comments

Comments

@soukouzen
Copy link

What would you like to be added or improved?

1、在防护日志面板--攻击日志中,攻击类型筛选,会把自定义规则归类为黑名单和白名单,是否可以把自定义规则单独筛选?比如我有自定义规则1和自定义规则2,在筛选的时候可以筛选出自定义规则1拦截情况。因为在自定义规则中,如果拦截bot类的ua,或者机房类ip会有一堆扫描ip或者爬虫请求,但是这些请求,不需要特别查询,但是请求非常多,需要排除的时候,只有黑名单可选就让筛选非常繁琐。(或者允许设置特定自定义规则为"非关键告警")
2、在防护日志面板中,除了搜索攻击ip,是否可以搜索攻击地区?比如国内的就可以按省或者市搜索,国外就按识别到的比如美国或者洛杉矶这样搜索。
3、是否可以考虑增加一个PoW工作量证明的防护机制(可配置的PoW难度系数、支持多种哈希算法选择、提供JavaScript计算库、集成验证失败率监控)
4、是否可以针对url长度、header(cookies、ua、referer等)限制或者过滤或者替换(比如限制长度,或者提供字符集过滤规则,或者支持正则表达式匹配替换,支持特定字符串截断处理)
5、能否想办法修复ip组只能导入1000个ip的问题?或者导入的时候分多个关联新增项解决超过1000个ip的问题
6、数据统计页面,按站点划分访问流量,如站点qps,当前访问ip,错误4xx,5xx,趋势等

(以下针对手动用户,动手能力强的可以用api批量提交)
7、增强批量管理功能,针对网站,规则,ip组,证书是否可以增加批量管理导入导出删除等操作

(个人拙见,如相关功能已存在,或因本人未深入研究而有所遗漏,敬请谅解。)

Why is it needed?

完善waf功能,方便用户使用
@xbingW xbingW changed the title [Suggestion] 功能完善和用户需求 [Suggestion] Feature Enhancement and User Needs Feb 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@soukouzen