Website Migration Notice: SafePoint is now operated by CyberServal.Learn more →
DiscussionSLA
Sign inSign up

Useful custom rules

Published a year ago

# SafeLine WAF
# 💪 improve

Published a year ago

profile_photo

Naldela Teleyal

Updated 2 years ago

0

AI-Bots

Regex: Omigili(Bot)?|(Perplexity|Imagesift|GPT|Diff|CC|AI)(\-|_|\s)?[Bb]ot|(anth?ropic|cohere)\-ai|openai|ChatGPT|Google(Other|\-Extended)|Bytespider|Applebot\-Extended|Claude\-Web
Header Field: User-Agent

Validate Websocket connections

Regex: ([a-zA-Z0-9_\\\-\.=\+\/]+)==$
Header Field: Sec-Websocket-Key

Regex: [0-9]{2}
Header Field: Sec-Websocket-Version

Content: websocket
Header Field: Upgrade
Operator: Equals
image.png

profile_photo

David Wardana

Updated 2 years ago

Hi <@124289143579738113> for AI-Bots, what rule must be selected ? antibot, allow or deny ?

profile_photo

Ian Antareja

Updated a year ago

Please, point me to the article or web which I can make this kind of regex..

profile_photo

Naldela Teleyal

Updated 2 years ago

0

Wordpress Anti-Bot

Path: /w(ord)?p(ress)?(_|\-|\s|\.)?(.*)
image.png

profile_photo

Naldela Teleyal

Updated 2 years ago

0

Old Browser

Regex: (firefox|chrome)\/([0-8]{1,2}|9[3-9]|1[0-1]{1,2})\.
Header Field: User-Agent
image.png

profile_photo

Naldela Teleyal

Updated 2 years ago

0

Additional Search Engine Spiders

Regex: www\.(google|bing)\.com|Yahoo\!\sSlurp|((DuckDuck|Yandex)Bot|Baiduspider)/[0-9]
Header Field: User-Agent
image.png

profile_photo

zhiduopc

Updated a year ago

Will it be blocked by simulating a false designated spider user-agent attack?

profile_photo

zhiduopc

Updated 2 years ago

0

Setting up ua whitelist is easy to simulate

profile_photo

Naldela Teleyal

Updated a year ago

0

Known Server Scanner

Regex: shadowserver\.org|(hardenize|measurement|censys|stretchoid)\.com|shodan\.io|Palo\sAlto\sNetworks
Header Field: User-Agent

profile_photo

CRONOS

Updated a year ago

Do I need antibot to be enabled in my web services?

profile_photo

Naldela Teleyal

Updated a year ago

0

image.png

profile_photo

Naldela Teleyal

Updated a year ago

0

No. If you choose to set a custom rule to "Anti-Bot", the Anto-Bot feature will trigger, no matter, if you have enabled, or disabled for the service

profile_photo

CRONOS

Updated a year ago

Perfect, I want to put a bot in wp-login.php, is there a way? I'm also looking at how I can integrate with Cloudflare, and if it's necessary

profile_photo

Naldela Teleyal

Updated a year ago

0

You can choose "Auth" instead of "Anti-Bot". You'll be able to add credentials to trigger a login screen

profile_photo

CRONOS

Updated a year ago

0

I did it this way, would it be correct?

profile_photo

CRONOS

Updated a year ago

0

Captura_de_tela_2024-11-25_175505.png

Related Posts
#
Webhook Response
#
Load Balancing to two upstream servers.
#
Adding the Ability to Create Users with LDAP/Active Directory
#
Access log viewer
#
Safari - Challenge Not Work