On the last few days I have watched a lot of .php petitions on the registry, index.php, wp_login.php, etc... Over our app engine hosted web. There is a Load Balancer above this instances but doing this type of url redirect is not working:

Then, my question is about if there is any other way to deny or redirect traffic by extension on GCP AE or Load Balancing service.

Thanks in advance :)

Solution:

Finally aplying not the GCP WAF but the CDN one we get able to deny php petitions. However, the @John Hanley's approach was even more clean!

CodePudding user response：

As you confirmed that the issue was solved by denying the traffic with cloud CDN I would like to provide your solution as an answer with more information.

As @JohnHanley mentioned to deny the traffic you can also setup GCP Cloud Armor to block any traffic from outside.Cloud armor has IP based and geo based access so you can allow or deny the traffic based on the source or filter your incoming traffic based on Ipv4 and Ipv6 addresses or CIDRs.

Refer this documentation for more information on blocking traffic from specific regions using Google Cloud Armor.

You can also use url redirects when you have an old content that expires and needs removed or when URL is changed, updated or longer a website Even after you move content, search engines will the old URL and content in their index and will return that page in the search results until they discover the page no longer exists.