Like all of us, I get a lot of vulnerability probers all day every day. I've not had time to link up Fail2Ban with LSWS properly so I'm looking to do a quick Mod-Security rule to nip at least a few if I can in the meanwhile. But I don't have much experience with Mod_Security rules and I can't get mine to work based on the documentation. Requests I want to deny immediately include: They are all open proxy scanners. Sure, they get 404's but on our system, they are "heavy" 404's which takes up a fair bit of resources. I'd like LSWS to block these right away. Request Filter Rules at Server level I tried for the wantsfly one: Code: SecFilterSelective REQUEST_URI "wantsfly.com" SecFilterSelective REQUEST_URI "*wantsfly.com*" The latter gets an error. How do I say "Block everything with wantsfly.com or proxyfire in the URI"? Thanks!