# Apache ModSecurity rules for LEAKAGES
SecRuleEngine On

SecRule REQUEST_URI "@lt 1" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 1" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx (?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^#!s?/" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^5d{2}$" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1000,phase:1,deny,status:403,log,msg:'leakages attack detected'"