Difference between revisions of "WAF 300009"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "{{Infobox |header1= Rule 300009 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = tomicorp.com WAF AntiSpam Rules: Spam: Possible Loan Spam }} = Description =...")

Revision as of 11:27, 23 November 2012

Rule 300009
Status Active
Alert Message tomicorp.com WAF AntiSpam Rules: Spam: Possible Loan Spam

Contents

Description

This rules detects if a post contains patterns commonly used by web spammers, such as pay day loan content or cash advance content. This by itself may not be an attack if the domain allows this type of content.

Troubleshooting

False Positives

A false positive can occur when a website legitimately uses this type of content (a pay day loan website), or if there is an error in the patterns used to detect this type of spam. The rules contain a large library of known web applications and safe methods for using this content, such as administrative functions, and can detect known safe methods and ignore them. However it is possible for a new or custom application to do this in an unknown manner and incorrectly trigger this rule.

If you believe this is a false positive, first check to see if the post contains content that this rule specifically looks for. If this rule is correctly identifying this content, and this is not an administrative function (i.e. an authenticated action taken by the site administrator) then this is not a false positive.

If the rule is incorrect detecting this type of content, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

Tuning Guidance

Please see the Tuning the Atomicorp WAF Rules page for basic information.

Additional Information

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes

Personal tools