Difference between revisions of "WAF 340004"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with ''''Rule ID''' 340003 '''Alert Message''' Atomicorp.com WAF Rules: XSS attack in request headers '''Description''' Cross Site scripting has been detected in the request …')
 
Line 1: Line 1:
 
'''Rule ID'''  
 
'''Rule ID'''  
  
340003
+
340004
  
 
'''Alert Message'''   
 
'''Alert Message'''   
  
Atomicorp.com WAF Rules: XSS attack in request headers
+
Atomicorp.com WAF Rules: Chunked Transfer Encoding denied
  
 
'''Description'''   
 
'''Description'''   
  
Cross Site scripting has been detected in the request headers.
+
modsecurity can not process Checked Transfer encoded content.  If you allow this content by disabling this rule, attackers will be able to attack your system and ASL will not be able to detect or prevent these.
  
 
'''False Positives'''
 
'''False Positives'''
Line 21: Line 21:
  
 
'''Outside References'''
 
'''Outside References'''
 
http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
 

Revision as of 18:49, 25 November 2009

Rule ID

340004

Alert Message

Atomicorp.com WAF Rules: Chunked Transfer Encoding denied

Description

modsecurity can not process Checked Transfer encoded content. If you allow this content by disabling this rule, attackers will be able to attack your system and ASL will not be able to detect or prevent these.

False Positives

There are no known False Positives for this.

If you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules


Outside References

Personal tools