Hi,
i want make a rules to prevent download of installation or configuration files like composer.lock, .git files…
original owasp rules set has a file for that :
How can i do that with cwaf ?
thx
Please, use Userdata - Blocked Extensions in plug-in.
From command line this file is also accessable /path_to_cwaf/cwaf/rules/userdata_bl_extensions