# Nginx WAF rules for EXCEPTIONS
location / {
    set $attack_detected 0;

    if ($request_uri ~* "@streq GET /") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "^(?:GET /|OPTIONS *) HTTP/[12].[01]$") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "@ipMatch 127.0.0.1,::1") {
        set $attack_detected 1;
    }

    if ($request_uri ~* "@endsWith (internal dummy connection)") {
        set $attack_detected 1;
    }

    if ($attack_detected = 1) {
        return 403;
    }
}