See discussion in Slack dated 2/13/2023

@paregorios I'm testing some ansible updates for this and have the config live on staging. I've confirmed that visiting an invalid PHP url (e.g. https://isaw.jazkarta.com/publications/awol-index/json/www.amphoreus.org/index.php) four times will cause me to be blocked. I haven't tried any of the more complex overflow rules (which ban after 2 attempts). Not sure if/how you want to test this.

We've evaluated and tested and deployed to production and tested it there so closing this ticket as complete.