Hello I am wondering if any one can recommend a method of identifying repeated POST attempts to a single URI with Security VCL or through some native varnish mechanism. I am currenlty using security vcl as a WAF with the modsecurity CRS. We occasionally have malicious users who will attempt to bruteforce promotions codes, or, alternative, attempt to scan our web application for vulnerabilities. I am looking for a way to mitigate these risks at the WAF-layer.. any suggestions?
cheers, Neha
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
