Hub WAF rule

More info

vpatch-env-access WAF Rule

« Environment File - Exposure »
v0.3 by crowdsecurity
WAF rule

Detect access to .env files

Installation

cscli appsec-rules install crowdsecurity/vpatch-env-access

YAML Configuration

1name: crowdsecurity/vpatch-env-access
2description: "Detect access to .env files"
3rules:
4  - zones:
5    - URI
6    transform:
7    - lowercase
8    match:
9      type: endsWith
10      value: .env
11labels:
12  type: scan
13  service: http
14  confidence: 3
15  spoofable: 0
16  behavior: "http:scan"
17  label: "Environment File - Exposure"
18  classification:
19   - attack.T1595
20   - attack.T1190
21

Hub WAF rule

« Environment File - Exposure »v0.3 by crowdsecurityWAF rule

« Environment File - Exposure »
v0.3 by crowdsecurity
WAF rule