Difference between revisions of "WAF 303800"
m (→Description) |
m (→Description) |
||
Line 12: | Line 12: | ||
This will not block the real google webcrawler. We do not recommend you disable this rule. | This will not block the real google webcrawler. We do not recommend you disable this rule. | ||
+ | |||
+ | For ASL users, if you enable the option below, ASL will automatically and dynamically whitelist the real google webcrawler from all WAF events: | ||
+ | |||
+ | https://www.atomicorp.com/wiki/index.php/ASL_WAF#MODSEC_00_AUTOWHITELIST_SEARCHENGINE | ||
= Troubleshooting = | = Troubleshooting = |
Revision as of 16:04, 4 April 2014
Rule 303800 | |
---|---|
Status | Active |
Alert Message | Atomicorp.com WAF Rules: Fake Googlebot webcrawler |
Contents |
Description
This exclusive capability in the Atomicorp ruleset can detect when a client pretends to be the google webcrawler. This helps to detect and block potential zero day and other supsicious behavior. Attacks have been know to impersonate webcrawlers to trick naive applications that blinding trust webcrawlers. They use this method to gain access that would otherwise be blocked to non-crawlers.
This will not block the real google webcrawler. We do not recommend you disable this rule.
For ASL users, if you enable the option below, ASL will automatically and dynamically whitelist the real google webcrawler from all WAF events:
https://www.atomicorp.com/wiki/index.php/ASL_WAF#MODSEC_00_AUTOWHITELIST_SEARCHENGINE
Troubleshooting
False Positives
There are no known false positives with this rule. If you believe this is a false positive, please report this following the process at the link below:
https://www.atomicorp.com/wiki/index.php/Reporting_False_Positives
Tuning Guidance
Please see the Tuning the Atomicorp WAF Rules page for more information if you wish to disable or modify this rule.
Additional Information
Similar Rules
None.
Knowledge Base Articles
None.
Outside References
None.