Randomized WAF responses

By default, the web application firewall has a single, standard response for blocked requests, but you can vary this to confuse attackers.

VCL

Use this solution in your VCL service (click RUN below to test this solution or clone it to make changes):