Elxis CMS Forum

Support => Security => Topic started by: ArXoS on January 26, 2025, 15:48:27

Title: Add custom rules to defender
Post by: ArXoS on January 26, 2025, 15:48:27

Hello elxis.

I want to protect from extra scan/ URL queries

For example, i have lots of scans for mysite/test1/...... and mysite/test2/........

What's the right syntax of the line for custom.rules.php ?

Code: [Select]

array('URI,QUERY', 'test1|test2' , 'Common CMS scan')
or

Code: [Select]

array('URI,QUERY', 'test1\test2' , 'Common CMS scan'
Regards

Title: Re: Add custom rules to defender
Post by: datahell on January 26, 2025, 21:48:57

Separate different filters by |
Use backslash \ to escape special characters such as dots and dashes.
The first index of the array denotes where to search (URI, QUERY, POST, AGENT, REFERER, IP, GET, etc...)

For instance the one bellow will not allow the existence in URL of the words moon, saturn, jupiter and pluto.
array('URI,QUERY', 'moon|saturn|jupiter|pluto', 'I dont like astronomy!'),

See general.rules.php to get more ideas.

Title: Re: Add custom rules to defender
Post by: ArXoS on January 26, 2025, 23:26:07

Thanks man !