VSF Rule for general spammy hackers

Garry Hill garry at 4ustralia.com
Sun Mar 13 16:03:38 CET 2016


Hi Varnish has made an incredible difference to my project that was
struggling under heavy load I want to try to understand how to make some
Custom rules to put into Varnish Security Firewall

I still have loosers scanning my web sites with like
http://website.com/index.php?option=com_user
<http://website.com/index.php?option=com_user&task=register> &task=register

that are having a random go at breaking into Joomla or Worpress that I have
neither of so they just waste my bandwidth

 

I can't find much info on VSF out there and the forum is closed to posting
can you help me?

 

As I understand it I would make a custom rule like

/etc/varnish/security/rules/myrules.vcf

If I wanted to detect that Signature, Id need to make something like

 

# File myrules.vcf

sub vcl_recv {

if (the URL requested contains "?option=com_user&task=register") {

Tell him to bugger off }

}

 

Can you please show me how to do something like that? 

Thankyou

Garry Hill

Alice Springs, Outback Central Australia

http://australiancommunitynetwork.com.au
<http://australiancommunitynetwork.com.au/> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20160314/68f1e15b/attachment.html>


More information about the varnish-misc mailing list