patterns/waf_patterns/apache/leakages.conf

# Apache ModSecurity rules for LEAKAGES
SecRuleEngine On

SecRule REQUEST_URI "@lt 1" "id:1514,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 1" "id:1515,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx (?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>[To Parent Directory]</[Aa]><br>)" "id:1516,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^#!s?/" "id:1517,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1518,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 2" "id:1519,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@rx ^5d{2}$" "id:1520,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1521,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 3" "id:1522,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1523,phase:1,deny,status:403,log,msg:'leakages attack detected'"
SecRule REQUEST_URI "@lt 4" "id:1524,phase:1,deny,status:403,log,msg:'leakages attack detected'"