Difference between revisions of "WAF 330039"
(Created page with ''''Rule ID''' 33039 '''Status''' Active rule currently published. '''Alert Message''' Atomicorp.com WAF Rules: Suspicious Unusual User Agent (libwww-perl). Disable this r…') |
m |
||
Line 17: | Line 17: | ||
'''False Positives''' | '''False Positives''' | ||
− | This client may already be used by some legitimate scripts and therefore this may not be an attack. ''' If you | + | This client may already be used by some legitimate scripts and therefore this may not be an attack. ''' If you use libwww-perl you must disable this rule.''' |
False positives are not really possible with this rule. The rule simply alerts if the client reports itself as libwww-perl. If this is in error, please check your application. | False positives are not really possible with this rule. The rule simply alerts if the client reports itself as libwww-perl. If this is in error, please check your application. |
Latest revision as of 13:16, 29 October 2010
Rule ID
33039
Status
Active rule currently published.
Alert Message
Atomicorp.com WAF Rules: Suspicious Unusual User Agent (libwww-perl). Disable this rule if you use libwww-perl.
Description
This rule is triggerd if the user agent used to connect to the system is libwww-perl. Some PCI-DSS scanners will report a vulnerability if the system does not block all requests from this client.
False Positives
This client may already be used by some legitimate scripts and therefore this may not be an attack. If you use libwww-perl you must disable this rule.
False positives are not really possible with this rule. The rule simply alerts if the client reports itself as libwww-perl. If this is in error, please check your application.
Tuning Recommendations
If you know that this behaviour is acceptable for your application, you can tune it by disabling this rule for the application or virtual host.
If you wish to tune this rule yourself, please see the Tuning the Atomicorp WAF Rules page for basic information.
Similar Rules
None.
Knowledge Base Articles
None.
Outside References
None.