WAF 391158

From Atomicorp Wiki
Jump to: navigation, search
Rule 391158
Status Active
Alert Message Atomicorp.com WAF Rules: PHP c99 webshell

Contents

[edit] Description

This detects if the c99 web shell is installed on the system. The shell is often used by malicious parties to create a back door into the system.

[edit] Troubleshooting

[edit] False Positives

There are no known false positives with this rule. Please do not report this as a false positive if you allow the use of the c99 shell on your system.

If you believe this is a false positive, please report this following the process at the link below:

https://www.atomicorp.com/wiki/index.php/Reporting_False_Positives

[edit] Tuning Guidance

Please see the Tuning the Atomicorp WAF Rules page for more information if you wish to disable or modify this rule.

[edit] Additional Information

[edit] Similar Rules

None.

[edit] Knowledge Base Articles

None.

[edit] Outside References

None.

Personal tools