weval-l99/add_xmlrpc_block.py

#!/usr/bin/env python3
path = "/etc/nginx/sites-enabled/weval-consulting"
with open(path, "rb") as f:
    raw = f.read()

if b"V86 scanner block" in raw:
    print("ALREADY")
    exit(0)

# Correct marker
marker = b"server_name weval-consulting.com www.weval-consulting.com;"
insert = b"""

    # V86 scanner block - deny WordPress/common scanner probes without logging
    location ~ ^/(xmlrpc\\.php|wp-login\\.php|wp-admin/|wp-includes/|wp-content/|wordpress/|\\.env|\\.git/|\\.aws/|\\.ssh/|phpmyadmin/|pma/|mysql/|adminer\\.php) {
        access_log off;
        log_not_found off;
        return 444;
    }
"""

idx = raw.find(marker)
if idx < 0:
    print("MARKER_NOT_FOUND")
    exit(1)

eol = raw.find(b'\n', idx)
raw = raw[:eol+1] + insert + raw[eol+1:]

with open(path, "wb") as f:
    f.write(raw)
print(f"PATCHED size: {len(raw)}")