How is `pub/health_check.php` used?

github.com/magento/magento2/blob/2.4.7-beta2/pub/health_check.php

Varnish’s health check feature polls the Magento server to determine whether it is responding in a timely manner.

  • If it is responding normally, fresh content will be regenerated after the Time to Live (TTL) period has expired.
  • If not, Varnish always serves stale content.

Magento defines the following default health check:

.probe = {
    .url = "/pub/health_check.php";
    .timeout = 2s;
    .interval = 5s;
    .window = 10;
    .threshold = 5;
}

Every 5 seconds, this health check calls the pub/health_check.php script.
This script checks the availability of the server, each database, and Redis (if installed).
The script must return a response within 2 seconds.
If the script determines that any of these resources are down, it returns a 500 HTTP error code.
If this error code is received in 6 out of 10 attempts, the backend is considered unhealthy.

The health_check.php script is located in the pub directory.
If your Magento root directory is pub, then be sure to change the path in the url parameter from /pub/health_check.php to health_check.php.

For more information, see the Varnish health checks documentation.

github.com/magento/devdocs/blob/2.4.6-develop/src/guides/v2.4/config-guide/varnish/config-varnish-advanced.md#health-check-health

How to prevent the infection of pub/health_check.php in 2.3.3-p1 ≤ Magento ≤ 2.3.7-p2 and 2.4.0 ≤ Magento ≤ 2.4.3-p1?