Implement ASP files rule completely...

Follow-up to 873ccd1. See #161.
chesio · Jul 29, 2024 · 11ea887 · 11ea887
1 parent 8cdd846
commit 11ea887
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -144,11 +144,12 @@ Passwords are validated on user creation, password change or password reset. If
 
 Remote IP addresses that are scanning your website for weaknesses can be automatically [blocked](#internal-blocklist) for configured amount of time. Such scanners can be usually quite easily detected because while scanning a website they trigger a lot of 404 errors and URLs they try to access differ from "valid" 404 errors: usually they try to find a known vulnerable plugin, forgotten backup file or PHP script used for administrative purposes.
 
-There are four built-in rules available (they are not active by default):
-1. ban when non-existent PHP file is requested (any URL ending with `.php`)
-2. ban when non-existent archive file is requested (any URL ending with `.tgz` or `.zip`)
-3. ban when non-existent backup file is requested (any URL targeting file with `backup` in basename or with `.back`, `.old` or `.tmp` extension)
-4. ban when non-existent `readme.txt` file is accessed
+There are five built-in rules available (they are not active by default):
+1. ban when non-existent APS file is requested (any URL ending with `.asp` or `.aspx`)
+2. ban when non-existent PHP file is requested (any URL ending with `.php`)
+3. ban when non-existent archive file is requested (any URL ending with `.tgz` or `.zip`)
+4. ban when non-existent backup file is requested (any URL targeting file with `backup` in basename or with `.back`, `.old` or `.tmp` extension)
+5. ban when non-existent `readme.txt` file is accessed
 
 You may define custom rules as well (in form of regular expression).
 

diff --git a/classes/BlueChip/Security/Modules/BadRequestsBanner/Settings.php b/classes/BlueChip/Security/Modules/BadRequestsBanner/Settings.php
@@ -13,6 +13,11 @@ class Settings extends CoreSettings
      */
     public const BUILT_IN_RULE_ARCHIVE_FILES = BuiltInRules::ARCHIVE_FILES;
 
+    /**
+     * @var string Is built-in rule "ASP files" active? [bool:no]
+     */
+    public const BUILT_IN_RULE_ASP_FILES = BuiltInRules::ASP_FILES;
+
     /**
      * @var string Is built-in rule "Backup files" active? [bool:no]
      */
@@ -50,6 +55,7 @@ class Settings extends CoreSettings
      */
     protected const DEFAULTS = [
         self::BUILT_IN_RULE_ARCHIVE_FILES => false,
+        self::BUILT_IN_RULE_ASP_FILES => false,
         self::BUILT_IN_RULE_BACKUP_FILES => false,
         self::BUILT_IN_RULE_PHP_FILES => false,
         self::BUILT_IN_RULE_README_FILES => false,