spip-contrib-extensions/waf | 2 commits
Par Urs Riggenbach, le 7 mai 2026 à 11h30min :
Merge branch ‹ feat/suspicious-ua-detection › into ‹ main ›
feat: detect known scanner/tool User-Agent strings
See merge request spip-contrib-extensions/waf!30
Modifié
waf_fonctions.php
==============================
Par pierretux, le 6 mai 2026 à 14h25min :
feat: detect known scanner/tool User-Agent strings
Add waf_suspicious_ua_patterns() with signatures for Nikto, sqlmap,
Masscan, Nuclei, zgrab, DirBuster, Gobuster, Wfuzz, Nessus, Acunetix
and others. waf_check_suspicious_ua() runs early in the pipeline so
scanner traffic triggers the normal strike/ban escalation path.
Modifié
waf_fonctions.php