Difference between revisions of "WAF 300114"
From Atomicorp Wiki
m |
m |
||
| Line 7: | Line 7: | ||
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected | Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected | ||
| − | |||
'''Description''' | '''Description''' | ||
| − | This rule detects if Content-Length and | + | This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request. There is no legitimate traffic that uses this method, this is an attack. |
'''False Positives''' | '''False Positives''' | ||
Latest revision as of 13:59, 1 August 2024
Rule ID
300114
Alert Message
Atomicorp.com WAF Rules: HTTP Smuggling Attack: Inconsistent Content-Length and Transfer-Encoding headers detected
Description
This rule detects if Content-Length and Transfer-Encoding chunked or identity type headers are set on a request. There is no legitimate traffic that uses this method, this is an attack.
False Positives
There are no known False Positives for this.
If you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.
Similar Rules
Outside References
