WAF 397989

From Atomicorp Wiki
Jump to: navigation, search

Rule ID

397989

Status

Active rule currently published.

Alert Message

Atomicorp.com WAF Rules: Fake MSIE 6.0 detected"

Description

This rule detects when I client pretends to be using Microsoft Internet Explorer 6.0. Many malicious bots and attackers will try to disguise their requests as legitimate users, and this rules detects when the request has been faked. This types of requests should be blocked.


False Positives

No none false positives with this rule.

It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

Tuning Guidance

Please see the Tuning the Atomicorp WAF Rules page for basic information.

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=WAF_397989&oldid=5692"
Personal tools