rules:
  - name: WPEngine API Key
    id: kingfisher.wpengine.1
    pattern: |
      (?xi)
      \b
      (?:
        wpengine(?:[_.-]?api)?[_.-]?(?:key|secret|token)
        |
        wpe(?:[_.-]?api)?[_.-]?(?:key|secret|token)
      )
      \b
      \s* [=:] \s* ["']?
      \b
      (
        [A-Za-z0-9]{24,64}
      )
      \b
    confidence: medium
    min_entropy: 3.5
    examples:
      - "WPE_APIKEY=a3b8f29e4d1c6a0578e23d9f41b6"
      - 'wpengine_api_key: "9f4b2d7e1a3c8056d2e7f1b94a6c3d80"'
      - "export WPENGINE_API_KEY=d4e8f2a7b1c39605d2e7f1b94a6c3d80"
    references:
      - https://wpengineapi.com/
    depends_on_rule:
      - rule_id: kingfisher.wpengine.2
        variable: WPE_ACCOUNT_NAME
    validation:
      type: Http
      content:
        request:
          method: GET
          url: "https://api.wpengine.com/1.2/?method=site&account_name={{ WPE_ACCOUNT_NAME }}&wpe_apikey={{ TOKEN }}"
          response_matcher:
            - report_response: true
            - type: StatusMatch
              status: [200]

  - name: WPEngine Account Name
    id: kingfisher.wpengine.2
    visible: false
    pattern: |
      (?xi)
      \b
      (?:WPE_ACCOUNT_NAME|WPENGINE_ACCOUNT|wpengine_account_name|wpengine_account|account_name)
      \s* [=:] \s* ["']?
      (
        [a-z0-9][a-z0-9-]+
      )
      ["']?
    confidence: medium
    min_entropy: 1.0
    examples:
      - 'WPE_ACCOUNT_NAME=prod-account'
      - 'account_name: "team-site-1"'