Difference between revisions of "WAF 300114"
From Atomicorp Wiki
(Created page with "'''Rule ID''' 300114 '''Alert Message''' Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected HTTP Smuggli...") |
m |
||
(2 intermediate revisions by one user not shown) | |||
Line 7: | Line 7: | ||
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected | Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected | ||
− | |||
'''Description''' | '''Description''' | ||
− | This rule detects if Content-Length and | + | This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request. There is no legitimate traffic that uses this method, this is an attack. |
'''False Positives''' | '''False Positives''' | ||
Line 21: | Line 20: | ||
'''Similar Rules''' | '''Similar Rules''' | ||
− | [[ | + | [[WAF_300113]] |
− | [[ | + | [[WAF_300112]] |
− | [[ | + | [[WAF_300111]] |
− | + | ||
− | + | ||
'''Outside References''' | '''Outside References''' |
Latest revision as of 13:59, 1 August 2024
Rule ID
300114
Alert Message
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected
Description
This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request. There is no legitimate traffic that uses this method, this is an attack.
False Positives
There are no known False Positives for this.
If you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.
Similar Rules
Outside References