I’m evaluating to do some bruteforce rules ie:
I have this …
http-request track-sc0 hdr(x-forwarded-for) table Abuse if METH_POST url_wp_admin_test !is-whitelisted-ip
Is there a way to only add it to the track-sc0 table Abuse if the backend result is also 200
(which means invalid password…) ?