[rule] add rule for exposed .env

viiftw · Jul 30, 2024 · 88eb654 · 88eb654
1 parent c02bc1d
commit 88eb654
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/naxsi_rules/blocking/20000000_web_security.rules b/naxsi_rules/blocking/20000000_web_security.rules
@@ -164,3 +164,6 @@ MainRule id:20000089 "s:$UWA:8" "str:.old" "mz:URL" "msg:Exposed temp copy";
 MainRule id:20000090 "s:$UWA:8" "str:.save" "mz:URL" "msg:Exposed temp copy";
 MainRule id:20000091 "s:$UWA:8" "str:.DS_Store" "mz:URL" "msg:Exposed temp copy";
 MainRule id:20000092 "s:$UWA:8" "str:vscode" "mz:URL" "msg:Exposed vscode directory";
+
+# Exposed .env
+MainRule id:20000093 "s:$UWA:8" "str:/.env" "mz:URL" "msg:access to .env file or dir";