I have this rule bellow, and I'd like to limit for only wp-login.php files. Is it possible?
SecRule REQUEST_HEADERS:User-Agent "@contains python-requests" "id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT - Detected and Blocked. '"
Asked
Active
Viewed 559 times
1 Answers
0
Use chained rules:
SecRule REQUEST_URI "wp-admin.php" "chain,id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT - Detected and Blocked. '"
SecRule REQUEST_HEADERS:User-Agent "@contains python-requests" ",t:none,t:lowercase"
Barry Pollard
- 40,655
- 7
- 76
- 92