For the maps and the regex patterns to work as originally intended it is necessary to use a correct Caddy equivalent.
When including the 7g-debug.snippet
this request:
curl -H "Referer: https://developer.mozilla.org/en-US/docs/Web/JavaScript" -I https://localhost/some/path/index.php\?foo\=bar\&bar\=encodedampersand%26
results in (something like)
x-method: HEAD
x-path: /some/path/index.php
x-query: foo=bar&bar=encodedampersand%26
x-referer: https://developer.mozilla.org/en-US/docs/Web/JavaScript
x-uri: /some/path/index.php?foo=bar&bar=encodedampersand%26
x-useragent: curl/7.64.1
Replaced in the snippet for Caddy by {query}
Replaced in the snippet for Caddy by {path}
We should really work here with only the path, no query or even the fragment.
Replaced in the snippet for Caddy by {header.user-agent}
Replaced in the snippet for Caddy by {header.referer}
Replaced in the snippet for Caddy by {remote_host}
Note: Without a special module remote_host from Caddy might just return the IP address not the reverse looked up domain that the firewall rules try to match.
Replaced in the snippet for Caddy by {method}