I am currently trying to enact a firewall rule on our platform that blocks URLs that end in a specific pattern.
The pattern I am trying to block is:
Where whenever the path ends in “/darn” and then followed by a number of any length, I want this to be blocked from being served.
A few examples:
example.com/darn1 would be blocked
example.com/darn345345 would be blocked
example.com/darn1example would NOT be blocked
example.com/exampledarn1 would NOT be blocked
I have tried enacting a firewall rule that blocks when the following regex matches:
I have tried setting this rule with: “URI Full”, “URI”, and “URI Path” and the operator “matches regex”. None of these options have worked.
An example expression preview is:
(http.request.full_uri matches "(\\/darn\\d+)$")
I have tested this expression in multiple Google RE2 online tools and all test cases have passed, so I am at a loss for what I’m doing wrong here. Any help would be appreciated.