.. include:: Includes.txt ============== Backend module ============== The extension adds a backend module under **System** > **Firewall**. It is available to administrators only. The module has three views. Switch between them with the **View** dropdown in the module's doc-header: - **Patterns** manages the static block patterns. - **Blocked keys** lists the clients that rules have banned automatically. - **Statistics** shows how much traffic the firewall blocked over time. Patterns ======== This view manages the static block patterns. The extension always adds them to the firewall as the blocklist rule ``typo3-blocklist``, so they take effect even when no configuration file exists (see :doc:`Configuration`). Patterns are stored in the file ``config/system/phirewall.patterns.json`` (classic installation: ``typo3conf/system/phirewall.patterns.json``). Every change takes effect on the next request. No deployment and no cache flush are needed. The pattern list ---------------- The **Active Patterns** list shows one row per pattern with its kind, value, target, expiry date, creation date, and last change. A pattern that has passed its expiry date is highlighted and no longer blocks requests, until you remove it or run a prune (see below). Add and edit patterns ---------------------- The form next to the list creates a new pattern. Pick a kind, enter the value, and save. To change a pattern, open it from the list, edit the fields, and save. The form checks the value before it stores the pattern and shows a clear message when something is wrong, for example an invalid IP address or a broken regular expression. Pattern kinds ------------- A pattern's kind decides what part of the request it compares against. ``ip`` Blocks one exact client IP address, for example ``203.0.113.10``. ``cidr`` Blocks a whole IP range in CIDR notation, for example ``203.0.113.0/24``. ``path_exact`` Blocks requests whose path is exactly this value, for example ``/old-login``. ``path_prefix`` Blocks requests whose path starts with this value, for example ``/wp-admin``. ``path_regex`` Blocks requests whose path matches this regular expression, for example ``#^/(wp-admin|xmlrpc\.php)#``. ``header_exact`` Blocks requests where a header has exactly this value. Put the header name in the target field, for example target ``User-Agent`` and value ``BadBot/1.0``. ``header_regex`` Blocks requests where a header matches this regular expression. Put the header name in the target field, for example target ``User-Agent`` and value ``#(sqlmap|nikto)#i``. ``request_regex`` Blocks requests where the regular expression matches a combined string of the path, the query string, and the request headers, for example ``#(union\s+select|