Anti-Exploits allows to build rules that blocks the most common exploits, SQL injections, file injections, spam and user agents used by hackers and bandwidth hoggers.
When a rule of a group matches, the reverse proxy die the connection and produce a HTTP 403 error.
- Select your Web site.
- Select Anti-Exploits tab.
- Click on New Group
- Set the group name
- If you want to add some default rules, turn on the Add Defaults option.
- To affect the new group of rules to your Web server, click on the checkbox option.
Create rules inside a group
- Select your group
- Click on “Items” tab
- If you have added your group with default rules, some rules are already created.
- Click on “New item“
- Enabled: If the rule is active or not.
- Reverse: Matches if the pattern is not matched.
- Token: Where to match the regular expression : The User Agent or the Query string.
- Pattern: Set the regular expression that matches the token.
- Click on Apply to make rules into production mode.