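## Request blacklist (nginx server/location context).
##
## NOTE(review): these are cheap signature checks, not a WAF. $query_string is
## the raw, still percent-encoded query, so any attacker who encodes a single
## character ("%55nion%20select"), splits a keyword with an inline comment, or
## uses an alternative keyword walks straight past every pattern below. Treat
## them as noise reduction only; the actual defence is parameterised SQL,
## per-context output escaping and no include/eval on user-controlled paths in
## the application itself.
##
## Fix over the previous version: every match used "~", which is
## case-sensitive, so "UNION SELECT", "<SCRIPT>" and "GPTBot" were only caught
## in the exact case written here. "~*" makes each check case-insensitive.
## "if ... { return ...; }" is one of the few safe uses of nginx "if" (it does
## not rewrite or set variables), so the construct itself is fine.

## Block SQL injections
## Expect false positives on legitimate parameters containing "concat(" or
## "union ... select"; these fire on the whole query string, not a field.
if ($query_string ~* "union.*select.*\(") { return 403; }
if ($query_string ~* "union.*all.*select.*") { return 403; }
if ($query_string ~* "concat.*\(") { return 403; }

## Block file injections (remote/local file inclusion attempts in any parameter)
## Expect false positives: any app that legitimately passes a URL in a query
## parameter (OAuth redirect_uri=, callback=, next=https://...) will be blocked
## by the first two rules; whitelist such locations before this block.
if ($query_string ~* "[a-zA-Z0-9_]=http://") { return 403; }
if ($query_string ~* "[a-zA-Z0-9_]=https://") { return 403; }
if ($query_string ~* "[a-zA-Z0-9_]=(\.\.//?)+") { return 403; }
if ($query_string ~* "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") { return 403; }

## Block common exploits
## Only literal "<"/"%3C" and ">"/"%3E" are matched; other encodings of the
## angle brackets (double-encoding, UTF-7, HTML entities) are not covered.
if ($query_string ~* "(<|%3C).*script.*(>|%3E)") { return 403; }
## PHP superglobal overwrite attempts (register_globals-era payloads).
if ($query_string ~* "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") { return 403; }
if ($query_string ~* "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") { return 403; }
if ($query_string ~* "proc/self/environ") { return 403; }
## Legacy Joomla/Mambo configuration-override probes.
if ($query_string ~* "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") { return 403; }
if ($query_string ~* "base64_(en|de)code\(.*\)") { return 403; }

## Block AI crawlers by User-Agent substring.
## The User-Agent header is client-supplied and trivially spoofed or blanked;
## this only stops crawlers that identify themselves honestly. Publishing the
## same names in robots.txt is the cooperative channel those crawlers actually
## honour. NOTE(review): "Google-Extended" is documented by Google as a
## robots.txt token rather than a separate request User-Agent, so that rule is
## unlikely to ever match -- confirm against access logs before relying on it.
if ($http_user_agent ~* "Google-Extended") { return 403; }
if ($http_user_agent ~* "GPTBot") { return 403; }
if ($http_user_agent ~* "ChatGPT-User") { return 403; }
if ($http_user_agent ~* "CCBot") { return 403; }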