Difference between revisions of "WAF 340362"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with ''''Rule ID''' 340001 '''Alert Message''' Atomicorp.com WAF Rules: ModSecurity does not support content encodings and can not detect attacks using it, therefore it is blocke…')
 
m
Line 1: Line 1:
 
'''Rule ID'''  
 
'''Rule ID'''  
  
340001
+
340362
  
 
'''Alert Message'''   
 
'''Alert Message'''   

Revision as of 17:09, 25 November 2009

Rule ID

340362

Alert Message

Atomicorp.com WAF Rules: ModSecurity does not support content encodings and can not detect attacks using it, therefore it is blocked.

Description

modsecurity, the WAF used, does not support inbound compressed content (not be confused with compressed files, which it does support) and therefore it can not see or evaluate any traffic encoded in this manner. If an attack were to be encoded in this way the WAF would not catch it, therefore the WAF is configured to block this traffic.

False Positives:

None. This does not have any known false positives. If it triggers it means compressed content is being sent to the server. If you allow this by disabling this rule you will open your system up to attacks that ASL can not detect or prevent.

Similar Rules

WAF_340001

Personal tools