[edit] Description

This rule detects Possible PHP injection attacks. It does this by looking for combinations of metacharacters and word/character segements encapsulated by parenthesese that may appear to be PHP variable function calls. If you have a false positive with this rule, please report it to us.

[edit] Troubleshooting

[edit] False Positives

If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

[edit] Tuning Guidance

If you want to disable or tune this rule, please see the Tuning the Atomicorp WAF Rules page for basic information.

[edit] Additional Information

[edit] Similar Rules

None.

[edit] Knowledge Base Articles

None.

[edit] Outside References

None.

[edit] Notes

None.