# Nginx WAF rules for SHELLS location / { set $attack_detected 0; if ($request_uri ~* "Mini Shell.*Developed By LameHacker") { set $attack_detected 1; } if ($request_uri ~* "^rnrnrnPhpSpy Ver [0-9]+") { set $attack_detected 1; } if ($request_uri ~* "^PHP Web Shellrnrnrn ") { set $attack_detected 1; } if ($request_uri ~* "^nn
Input command :
n
") { set $attack_detected 1; } if ($request_uri ~* "^.*? - WSO [0-9.]+") { set $attack_detected 1; } if ($request_uri ~* "^ *n[ ]+n[ ]+lostDC -") { set $attack_detected 1; } if ($request_uri ~* "^<html>n<title>.*? ~ Shell Inn