# Nginx WAF rules for LEAKAGES
location / {
    set $attack_detected 0;

    if ($request_uri ~* "(?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "^5d{2}$") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "^#!s?/") {
        set $attack_detected 1;
    }

    if ($attack_detected = 1) {
        return 403;
    }
}