1234567891011121314151617 |
- # A filter to block requests with a suspicious $body_bytes_sent
- #
- # Matches e.g.
- # put some new matches here
- #
- [Definition]
- ## Matches requests for demu.red/ that have a $body_bytes_sent of set ammount, as these requests look suspicious and never ask for the favicon
- ## This number must be updated after making a new blog post. A basic curl will give a log line with the correct number
- failregex = ^<HOST> -.* "(GET|POST|HEAD) / HTTP/.*" 200 29091
- #^<HOST> -.* "(POST|HEAD|GET)
- ## Ignore approved CLI useragents
- ignoreregex = ^<HOST> -.* "(GET|POST|HEAD).*HTTP.*".*(w3m|Lynx)
|