From 27022108b4014825dae38eb7803f78f22d2d7992 Mon Sep 17 00:00:00 2001 From: jay Date: Tue, 30 Jun 2026 10:11:57 -0400 Subject: [PATCH] =?UTF-8?q?caddy:=20block=20vuln-scanner=20probe=20paths?= =?UTF-8?q?=20(no-PHP/WP=20stack)=20=E2=86=92=20403,=20not=20the=20SPA=20s?= =?UTF-8?q?hell?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Path-only @junk matcher on upbeatbytes.com (*.php, /wp-*, /.env, /.git, /phpmyadmin, /vendor, etc.) returns 403 instead of falling through try_files to a 200 SPA shell. Never matches by User-Agent, so real users + Googlebot/Bing are untouched. Applied to the live Caddyfile (validated + reloaded) and mirrored into the repo snapshot. Co-Authored-By: Claude Opus 4.8 --- ...d7dae125a7b75937ebdb92e2a62fa109ca7c2b.webp | Bin 0 -> 59754 bytes ...cb17ad15f1be939f68f7947d1db2fff2143594.webp | Bin 0 -> 109230 bytes ...6fdbed3a8f69118e9884f54ec76c1f3613f960.webp | Bin 0 -> 161766 bytes ...788fde3cb4ea331266f4cf07d569c9329dda93.webp | Bin 0 -> 26012 bytes ...ecd41d74845e5c45e09ecd9440198fbb1727cf.webp | Bin 0 -> 27048 bytes ...300b01fc89de978a4ea89ee7d160581975a6b1.webp | Bin 0 -> 112290 bytes ...a947b8b0af622f0efceaca99d8cc96f442f947.webp | Bin 0 -> 47070 bytes ...9bbdc47478c5b295922c02ee11ac9da8dab827.webp | Bin 0 -> 33078 bytes ...5271d1fceb5311087ff9b80f493651f4f3ca9a.webp | Bin 0 -> 41878 bytes ...653be05ebdf233f4be537797483f80eadaa011.webp | Bin 0 -> 25736 bytes ...eca1d10dd4663da32839538f15dc8c2d51c8ba.webp | Bin 0 -> 34034 bytes ...a9b25ae4238ff3961704d6e6c8dbea6d49e313.webp | Bin 0 -> 49290 bytes ...5978e1176b200b947f63d2a51baaaaf7765e2c.webp | Bin 0 -> 42816 bytes ...2f1193408dc852a7804bbde41e5ba28fa8c67f.webp | Bin 0 -> 28210 bytes ...08be6bef4a013d55eb35672897be6e966e572e.webp | Bin 0 -> 60554 bytes ...68027c06adedd2fef6a4893fd94f158cab68c6.webp | Bin 0 -> 100222 bytes ...57e1bc21fc60906e7fd5672a4c248eae4cafd3.webp | Bin 0 -> 11080 bytes ...b74f0f5ed0633103e48ccadbcd75718356f185.webp | Bin 0 -> 47028 bytes ...d7bda83a57534b08e9fb61cdc549a1acfd4d40.webp | Bin 0 -> 35002 bytes ...3ba69eeca0bbc3131804e11b38653e8f27101b.webp | Bin 0 -> 10404 bytes ...6135dde0fc862e2f3e1de9a774b61a1b033baf.webp | Bin 0 -> 15638 bytes ...e8a95a70c59381cf4cd877ae2ea743132f1975.webp | Bin 0 -> 70068 bytes ...66bf7e6e016c291797e55cb42dd20ff6685b82.webp | Bin 0 -> 62352 bytes ...1847e21b557429a01951e6e1e1cfd41751fde5.webp | Bin 0 -> 27880 bytes ...15df1d47687b72606a0053f3311640c043f2a5.webp | Bin 0 -> 50104 bytes ...6ea054b9041e65a24f705a83807d2720dc9cfa.webp | Bin 0 -> 55636 bytes ...0935391509a00e4c09d961584e5319579d399c.webp | Bin 0 -> 88686 bytes ...1dea3f8d6de8edc42079386abc7a4d583f6e59.webp | Bin 0 -> 20654 bytes ...088380f421e16d978591109efcefbc27e31571.webp | Bin 0 -> 22944 bytes ...d4fa43f14dd95f317e818fbc37194ab60be69c.webp | Bin 0 -> 16318 bytes ...2b6d4c9a9879c7dc51879378b61eacf81b5255.webp | Bin 0 -> 36740 bytes ...b9a8221163d221ff794020b2467131b049be99.webp | Bin 0 -> 37854 bytes deploy/caddy/Caddyfile.snapshot | 10 ++++++++++ 33 files changed, 10 insertions(+) create mode 100644 data/img_cache/04d7dae125a7b75937ebdb92e2a62fa109ca7c2b.webp create mode 100644 data/img_cache/11cb17ad15f1be939f68f7947d1db2fff2143594.webp create mode 100644 data/img_cache/166fdbed3a8f69118e9884f54ec76c1f3613f960.webp create mode 100644 data/img_cache/17788fde3cb4ea331266f4cf07d569c9329dda93.webp create mode 100644 data/img_cache/1cecd41d74845e5c45e09ecd9440198fbb1727cf.webp create mode 100644 data/img_cache/24300b01fc89de978a4ea89ee7d160581975a6b1.webp create mode 100644 data/img_cache/2ba947b8b0af622f0efceaca99d8cc96f442f947.webp create mode 100644 data/img_cache/329bbdc47478c5b295922c02ee11ac9da8dab827.webp create mode 100644 data/img_cache/3e5271d1fceb5311087ff9b80f493651f4f3ca9a.webp create mode 100644 data/img_cache/40653be05ebdf233f4be537797483f80eadaa011.webp create mode 100644 data/img_cache/40eca1d10dd4663da32839538f15dc8c2d51c8ba.webp create mode 100644 data/img_cache/46a9b25ae4238ff3961704d6e6c8dbea6d49e313.webp create mode 100644 data/img_cache/485978e1176b200b947f63d2a51baaaaf7765e2c.webp create mode 100644 data/img_cache/4b2f1193408dc852a7804bbde41e5ba28fa8c67f.webp create mode 100644 data/img_cache/5a08be6bef4a013d55eb35672897be6e966e572e.webp create mode 100644 data/img_cache/5c68027c06adedd2fef6a4893fd94f158cab68c6.webp create mode 100644 data/img_cache/6757e1bc21fc60906e7fd5672a4c248eae4cafd3.webp create mode 100644 data/img_cache/8eb74f0f5ed0633103e48ccadbcd75718356f185.webp create mode 100644 data/img_cache/8fd7bda83a57534b08e9fb61cdc549a1acfd4d40.webp create mode 100644 data/img_cache/963ba69eeca0bbc3131804e11b38653e8f27101b.webp create mode 100644 data/img_cache/986135dde0fc862e2f3e1de9a774b61a1b033baf.webp create mode 100644 data/img_cache/9ce8a95a70c59381cf4cd877ae2ea743132f1975.webp create mode 100644 data/img_cache/a666bf7e6e016c291797e55cb42dd20ff6685b82.webp create mode 100644 data/img_cache/a81847e21b557429a01951e6e1e1cfd41751fde5.webp create mode 100644 data/img_cache/bd15df1d47687b72606a0053f3311640c043f2a5.webp create mode 100644 data/img_cache/c46ea054b9041e65a24f705a83807d2720dc9cfa.webp create mode 100644 data/img_cache/d60935391509a00e4c09d961584e5319579d399c.webp create mode 100644 data/img_cache/d71dea3f8d6de8edc42079386abc7a4d583f6e59.webp create mode 100644 data/img_cache/dd088380f421e16d978591109efcefbc27e31571.webp create mode 100644 data/img_cache/ddd4fa43f14dd95f317e818fbc37194ab60be69c.webp create mode 100644 data/img_cache/e52b6d4c9a9879c7dc51879378b61eacf81b5255.webp create mode 100644 data/img_cache/f5b9a8221163d221ff794020b2467131b049be99.webp diff --git a/data/img_cache/04d7dae125a7b75937ebdb92e2a62fa109ca7c2b.webp b/data/img_cache/04d7dae125a7b75937ebdb92e2a62fa109ca7c2b.webp new file mode 100644 index 0000000000000000000000000000000000000000..3b1b9db26d139b99580f9b37a47f346f42df7020 GIT binary patch literal 59754 zcmV(vKPy%MM6+kP&gn~=>Pz*>H?hsDj)+D0zPdtl}IEdt|g_G3PHdP ziA|aEN>kpLaD4y&9yd>!1HMTx49WjjvnlvI=zsq5=lx&*+M%hjX^iyR9!OT*T7Vp8 z?I=ZnPs<;gPFe7GRbLB((~1O(4)?O)yw?nrDy#QP!Iq9-M_#;|M8jm z8T#k>zq#Ho{=fQ<{{P_r()ZKEULAqI{MIaUyv*W%UJFYbPuovvJCKd z3dF?W8WMP1y8HDbLTjN2DHNvO65;m0^fRXxr>IsGF(MM*aO@vf?|$;!XXsDt83a_K zdXN6OeAVPcenqxjt^t|4cYv{kcMEA{lOnz)u)OnQ;89z>Rby_lK0Hxvn##mnW!Q@< z&rc%7{%G&29cFIb%t&z&A4>Fo<~4b)p~;ws@g28{Y+%NHrt(eKfr`X_cULiot1BC3Iq$ zITv8n1#^crvUaMT=jceY)B$W81qE%xQE2@>He#Rgu ztM#g4zvN_EQ;-zbb&M%55{df(AdY`72KR${HEN4CHw|*LfZlv5m2tN&`c+)$X^)C< zKoASHsiTb>M$4Q2Se-+_`{wFqcMmkV8fG}pvKYi%;)>0j0+Y!kEiN@l2X<}OvJIw! zX~x4^=5XNBnHhb0BQFLd=G{`btd**p9zXDc{`cdq|G-_t;dbCPJ0TuCGEoHv@3shp zMPSE_dkFg(3+2Uc%UC*(`hz3g8L59THH0YZ(NNIV)SP?*a5*&z&4V?*9WeMuqj_@r zE`2-QWfl$HK(fP5vm6^FVOg|u{rO<>JQF^cxBgYAX;4xbJS2#OqZiB?oSEg&07k_K zAKt!)wj8TBhSZK>LDkXZ#_3!C``-96as+@Cuc!3YE+6S1(O?k211STGLmSD42 zrY_9&*_LQRXJ*ToPea#^0;m0uQ#%<~6sbWx&jh9F8=d&8`#nL@?nM8B&0UJj2{toH z(Z?Z!jI6*2gLq3n%!0`mAN0-{R#tu7Cunb2JSQ(y>h%AoI4+r{vch49sMNNk;@s$~ zU%_~Am5P9MwF%8KLEiUy!>*ItUmkN>=cKA(!N28+G_c``A0x!no=#(JO2W4y^f~tP zFYN&UJ{{?lU)X5!sdeJJFmvx&S6vpB%pa7$EMs=@i(z*mWzZd33kPrDR1!3il;Ox5 zm6V)pJWc77OWHfT5C+tP}$C&r8|YO!z!U@=J4VjapFx=ZeQ;lcgAZQOE7+kGWcA zQsLpRt9xf!Mq+_Tf}pwr{%4m