patterns/waf_patterns/apache/leakages.conf

# Apache ModSecurity rules for LEAKAGES
SecRuleEngine On

SecRule REQUEST_URI "@lt 1" "id:1178,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 1" "id:1179,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx (?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)" "id:1180,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^#!s?/" "id:1181,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1182,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1183,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^5d{2}$" "id:1184,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1185,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1186,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1187,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1188,phase:1,deny,status:403,log,msg:'leakages attack detected'"