WAF filters always ends-up in default error 500 Page
venomone opened this issue · comments
Hello,
first of all thanks for your nice work, I really like this "tiny" script ;)
Anyways I'm facing an issue I was not able to figure out myself.
I'm running this script on top of my Django application, problem now is that everytime a WAF filtered path/file applies or in other words gets blocked, openresty just returns the default error 500 page instead of my applications custom error page.
At my log i just see: 2020/07/25 21:32:19 [error] 69#69: *25 rewrite or internal redirection cycle while internally redirecting to "/403.html", client: 192.168.240.5, server: localhost, request: "GET /wsgi.py HTTP/1.1", host: "localhost"
nginx.conf (shorted):
...
http {
upstream backend {
server 127.0.0.1:8000 max_fails=3 fail_timeout=60s;
}
...
server {
listen 80;
access_by_lua_file ddos_challenge.lua;
aio threads=default;
...
location @proxy_to_app {
proxy_pass http://backend;
aio threads;
proxy_read_timeout 100s;
proxy_connect_timeout 100s;
proxy_http_version 1.1;
proxy_redirect off;
proxy_buffers 16 4k;
proxy_buffer_size 2k;
proxy_intercept_errors on;
proxy_set_header Host $host;
uwsgi_intercept_errors on;
gzip on;
gzip_min_length 1024;
gzip_comp_level 3;
gzip_vary on;
gzip_disable msie6;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml application/atom+xml font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml;
}
location / {
try_files $uri @proxy_to_app;
}
...
error_page 412 414 416 444 495 496 497 500 501 502 504 507 /custom_error.html;
location = /custom_error.html {
root /app/templates/;
internal;
}
Any Idea how I get my custom_error.html displayed if the WAF gets a hit?
Greetz
Okay i found a solution, simply read this: https://groups.google.com/g/openresty-en/c/1XASYFeP61o?pli=1