Created
December 25, 2025 07:12
-
-
Save adinata-id/5ef57c73d82f1c75fb020ead02f619dc to your computer and use it in GitHub Desktop.
WP SEC Test Firewall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| DOMAIN="https://khodam.me/" | |
| echo "=== Testing Cloudflare WAF Rules ===" | |
| echo "" | |
| echo "Test 1: PHP in uploads (should block)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" $DOMAIN/wp-content/uploads/test.php | |
| echo "Test 2: wp-config.php (should block)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" $DOMAIN/wp-config.php | |
| echo "Test 3: .env file (should block)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" $DOMAIN/.env | |
| echo "Test 4: SQL backup (should block)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" $DOMAIN/wp-content/backup.sql | |
| echo "Test 5: Empty user-agent (should block)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" -A "" $DOMAIN/ | |
| echo "Test 6: Normal access (should allow)" | |
| curl -s -o /dev/null -w "Status: %{http_code}\n" -A "Mozilla/5.0" $DOMAIN/ | |
| echo "" | |
| echo "=== Testing Complete ===" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment