D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
bitninja-waf
/
etc
/
BitNinja
/
Filename :
404-SCANNER-PROTECTION.conf
back
Copy
SecRule REQUEST_URI "@pmf web-shell-uri.data" "chain,phase:2,id:404001,block,\ severity:CRITICAL,\ msg:'Scanner protection based on Hello Peppa botnet',\ logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'" SecRule ARGS_POST "@pmf botnet-post-request.data" "setvar:tx.bn_inbound_found=+1" SecRule RESPONSE_STATUS "404" "phase:3,id:404002,chain,\ msg:'Scanner protection based on Hello Peppa botnet',\ logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'" SecRule ARGS_POST "@pmf botnet-post-request.data" "setvar:tx.bn_outbound_found=+1" SecRule RESPONSE_STATUS "404" "block,auditlog,phase:3,id:404003,chain,\ severity:CRITICAL,\ msg:'Scripting user agent protection',\ logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'" SecRule REQUEST_FILENAME "!@endsWith /robots.txt" \ "t:none, chain" SecRule REQUEST_HEADERS:User-Agent "@pmf ../crs/rules/scripting-user-agents.data" "setvar:tx.bn_outbound_found=+1"SecRule REQUEST_HEADERS:User-Agent "@rx Bytespider" \ "id:404004,\ phase:2,\ rev:'1',\ severity:critical,\ t:none,\ setvar:'tx.bn_inbound_found=+1',\ msg:'WAF Rule against Bytespider User-Agent',\ logdata:'WAF Rule against Bytespider User-Agent'" SecRule REQUEST_HEADERS:User-Agent "@rx claudebot" \ "id:404005,\ phase:2,\ rev:'1',\ severity:critical,\ t:none,t:lowercase,\ setvar:'tx.bn_inbound_found=+1',\ msg:'WAF Rule against ClaudeBot User-Agent',\ logdata:'WAF Rule against ClaudeBot User-Agent'"