From f77d618553346a812aa430576a1003e855e57e05 Mon Sep 17 00:00:00 2001
From: Marcus Noble <github@marcusnoble.co.uk>
Date: Sun, 28 Sep 2025 16:22:24 +0100
Subject: [PATCH] Block more bad bot activity

Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
---
 filterRoutes.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/filterRoutes.js b/filterRoutes.js
index 8b7afd2..99e5eaa 100644
--- a/filterRoutes.js
+++ b/filterRoutes.js
@@ -33,6 +33,7 @@ router.all(/.*\.\.\/.*/, blackHole);
 router.all('/__MACOSX/*?', blackHole);
 // Block access to Workdpress files
 router.all('(/*)?/wp-admin/', blackHole);
+router.all('(/*)?/wp-admin/.*', blackHole);
 router.all('(/*)?/wp-includes/?(*)?', blackHole);
 router.all('(/*)?/wp-content/?(*)?', blackHole);
 router.all('/wordpress/', blackHole);
@@ -59,6 +60,7 @@ router.all('/bak/', blackHole);
 router.all('archive.zip', blackHole);
 // Block access to possible credentials
 router.all('/env.test', blackHole);
+router.all('(/.*)?/env$', blackHole);
 router.all('/admin(/.*)?', blackHole)
 router.all('/credentials(/*)?', blackHole);
 router.all(/.*credentials\.json$/, blackHole);