diff --git a/rules/shell/bash_dev_tcp.yara b/rules/shell/bash_dev_tcp.yara
index a6424ac0f..4aa023bf8 100644
--- a/rules/shell/bash_dev_tcp.yara
+++ b/rules/shell/bash_dev_tcp.yara
@@ -17,7 +17,10 @@ rule bash_dev_tcp_hardcoded_ip : critical {
 meta:
 description = "hardcoded /dev/tcp host:port"
 strings:
- $dev_tcp = /\/dev\/tcp\/[\w\.]{8,16}\/\d{1,6}/
+ $dev_tcp = /\/dev\/tcp\/[\w\.]{8,16}\/\d{1,6}/
+ $not_comment = "# Check that both our processes are running on their tcp port"
+ $not_get = "GET / HTTP/1.1 >"
+ $not_localhost_8080 = "/dev/tcp/127.0.0.1/8080"
 condition:
- $dev_tcp and none of ($not_*)
 }
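Review bot: The new `none of ($not_*)` clause is file-global, so a single occurrence of `/dev/tcp/127.0.0.1/8080` (or the literal comment / `GET / HTTP/1.1 >` text) anywhere in a file suppresses this `critical` rule even when a different hard-coded `/dev/tcp/<ip>/<port>` appears elsewhere in the same file, and any script author who has read the rule can append one of these literals to evade it. Since `$not_localhost_8080` is itself a match of `$dev_tcp`, the localhost case can be handled by a count comparison instead of a blanket exclusion, e.g. `#dev_tcp > #not_localhost_8080 and not ($not_comment or $not_get)`, which still fires when any non-localhost hit exists. The two literal allowlist strings are presumably tied to a specific known-benign script; a `meta` field or comment naming that source (e.g. `// $not_comment/$not_get: false positive from <script name>`) would let the next maintainer judge whether they are still needed. The `-`/`+` pair for the `$dev_tcp` line reads identically here, so it is likely a whitespace-only change.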