Active rule currently published.
Atomicorp.com WAF Rules - Virtual Patch: Possible Attempt to Access vulnerable FCKeditor file upload connector (Disable if you have configured this connector to require authentication)
This rule detects the use of FCKEditor file upload connector. This tool has the potential to be used in an unauthenticated manner, making it possible for attackers to upload files to your system without your permissions. A number of web applications use this connector, and configure it an unauthenticated manner.
This rules work by detecting the use of this connector.
A false positive can only occur when an the application is used in an authenticated manner. If you know that this connector is properly protected, then disable this rule. However, if the application is not properly protected, disabling this rule will make it possible for anyone to upload files to the system. This method is well known and is used regularly to compromise hosts.
If you know that this behavior is acceptable for your application, please log into your ASL gui, click on Configuration, then Rules Manager. And disable this rule only for the virtual hosts that use it. We do not recommend you disable this rule globally.
Knowledge Base Articles