Toggle per vhost "Block commonly probed URLs" ([i] return 403 to many commonly probed URLs. Warning! This will break default WordPress, Joomla and possibly some other software)
Return a 403 to a bunch of URLs typically scanned by dirbusters, script kiddies and bots, so as to allow fail2ban to enforce an IP-level ban in case of excessive 403s, a particularly effective technique.
Love this project and its openappsec-enabled fork.
I would like to provide a PR for some enhancements regarding privacy/security.
Before doing so, could the maintainers tell me if they have any chance of being merged?
Added features:
The last one could probably be merged with the current "Block Common Exploits"
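
Added example, not part of the original post or of the project's code: a sketch of the ban decision the request relies on, where a client is banned once it collects too many 403 responses inside a time window. It assumes nginx's "combined" access-log format; `find_bans`, `max_retry` and `find_time` are hypothetical names modelled on fail2ban's `maxretry` and `findtime`, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample traffic, rendered as nginx "combined" log lines (assumed format).
def _line(ip, hms, path, status):
    return f'{ip} - - [10/Mar/2024:{hms} +0000] "GET {path} HTTP/1.1" {status} 153 "-" "-"'

SAMPLE_LOG = "\n".join(_line(*row) for row in [
    ("192.0.2.9",    "12:00:00", "/admin",        403),  # slow client: one 403 per 90 s
    ("203.0.113.7",  "12:00:01", "/wp-login.php", 403),  # burst of probes starts
    ("198.51.100.4", "12:00:02", "/",             200),  # ordinary visitor
    ("203.0.113.7",  "12:00:02", "/.env",         403),
    ("203.0.113.7",  "12:00:03", "/phpmyadmin/",  403),
    ("203.0.113.7",  "12:00:04", "/xmlrpc.php",   403),
    ("203.0.113.7",  "12:00:05", "/.git/config",  403),  # fifth 403 within 60 s
    ("198.51.100.4", "12:00:06", "/admin",        403),  # a single stray 403
    ("203.0.113.7",  "12:00:07", "/backup.zip",   403),  # arrives after the ban
    ("192.0.2.9",    "12:01:30", "/admin",        403),
    ("192.0.2.9",    "12:03:00", "/admin",        403),
    ("192.0.2.9",    "12:04:30", "/admin",        403),
    ("192.0.2.9",    "12:06:00", "/admin",        403),
])

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3}) ')

def find_bans(log_text, max_retry=5, find_time=timedelta(seconds=60)):
    """Return {ip: time of ban} for clients reaching max_retry 403s within find_time."""
    recent = defaultdict(deque)   # ip -> timestamps of 403s still inside the window
    bans = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["status"] != "403" or m["ip"] in bans:
            continue              # unparsable line, non-403, or client already banned
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > find_time:
            window.popleft()      # drop 403s that have aged out of the window
        if len(window) >= max_retry:
            bans[m["ip"]] = ts
    return bans

if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} at {when.isoformat()}")
```

The slow client at 192.0.2.9 collects as many 403s as the burst client but never trips the default window, which is the trade-off to weigh when choosing the window length and threshold.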