【发布时间】:2021-10-01 20:03:00
【问题描述】:
我的入口配置中有以下代码,我想添加更多路径来拒绝黑客的攻击。是否有任何最佳做法可以确保黑客不会进行自动扫描?
---
kind: Ingress
metadata:
name: example
labels:
app: example
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/proxy-connect-timeout: "200"
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/server-snippet: |
location ~* "^/boaform" {
deny all;
return 403;
}
location ~* "^/api" {
deny all;
return 403;
}
location ~* "^/user" {
deny all;
return 403;
}
namespace: example-ns
【问题讨论】: