Closed robert1112 closed 6 years ago
nano /vddos/conf.d/cus/dreambox.tw.location.conf
#############################################################################################
############## NON-Security for whitelist URL query string of your domain:
############## (NON-Security for URL query string: 'dreambox.tw/?wc-api=WC_Gateway_ECPay' )
if ($args ~ "wc-api=WC_Gateway_ECPay") { testcookie off; }
vddos restart
Hi @duy13 Thanks so much for your support.
Will it apply to all level of vddos protection, 307, 200, click, 5s, high, captcha because I saw testcookie off which is for captcha?
If I want to white more URL query string., can I add the query string like below?
#############################################################################################
############## NON-Security for whitelist URL query string of your domain:
############## (NON-Security for URL query string: 'dreambox.tw/?wc-api=WC_Gateway_ECPay' )
if ($args ~ "wc-api=WC_Gateway_ECPay, wc-api=WC_connector") { testcookie off; }
For additional site, there should be a separate file like new-domain.com.location.conf
?
Thanks again for the awesome tool. It helps me survive from multiple attacks. Appreciate for your sharing and support.
nano /vddos/conf.d/cus/dreambox.tw.location.conf
############################################################################################# ############## NON-Security for whitelist URL query string of your domain: ############## (NON-Security for URL query string: 'dreambox.tw/?wc-api=WC_Gateway_ECPay' ) if ($args ~ "wc-api=WC_Gateway_ECPay|wc-api=WC_connector") { testcookie off; }
OR:
nano /vddos/conf.d/cus/dreambox.tw.location.conf
############################################################################################# ############## NON-Security for whitelist URL query string of your domain: ############## (NON-Security for URL query string: 'dreambox.tw/?wc-api=WC_Gateway_ECPay' ) if ($args ~ "wc-api=WC_Gateway_ECPay") { testcookie off; } if ($args ~ "wc-api=WC_connector") { testcookie off; }
3. Yes
Hi @duy13 Thanks for your help.
1) Sorry. "Yes" means it will whitelist for all level of vddos protection, 307, 200, click, 5s, high and captcha?
Thank you so much.
Hi @duy13
I think it only whitelist for captcha level right? Is there way to apply for other vddos level? Thank you.
Works on all security modes no, 307, 200, click, 5s, high, captcha, please test in advance to find answers before asking questions!
Hi @duy13 Thank you for your confirmation. API still got blocked. I will see if I got query url wrong. Thank you ver much for your patience.
Hi @duy13
Woocommerce provides REST API function and I used it to connect to their official iOS app on my phone. Apparently it is blocked by vDDOS so I tried the methods below and only whitelist my IP works but it is not ideal since it is dynamic. Wondering whether the url is not correct or not complete? Please kindly advice. Thank you so much for your supoort.
/vddos/conf.d/cus/
#############################################################################################
############### NON-Security for whitelist URL query string of your domain:
############### (NON-Security for URL query string: 'Woocommerce API service' )
if ($args ~ "wc-api/v2") { testcookie off; }
if ($args ~ "wp-json/wc/v2") { testcookie off; }
if ($args ~ "wp-json/wc/v2/orders") { testcookie off; }
if ($args ~ "wc-api") { testcookie off; }
but how to do for a specific user_agent?
Hi @duy13
The respond from my server is logged by the service provider. I tried to whitelist their IP in bot search whitelist file but not working. Please kindly help.