Difference between revisions of "WAF 340009"
(Created page with ''''Rule ID''' 340009 '''Status''' Active rule currently published. '''Alert Message''' Atomicorp.com WAF Rules: Protected Path Access denied in URI/ARGS '''Description''…') |
Latest revision as of 13:23, 26 November 2009
Rule ID
340009
Status
Active rule currently published.
Alert Message
Atomicorp.com WAF Rules: Protected Path Access denied in URI/ARGS
Description
This rule detects if a protected path is accessed by a web request. A protected path includes key parts of the operating system, such as c:/windows, /bin, /lib, /dev, /proc and other important parts of the OS.
False Positives
If a web application needs to access these parts of the OS this rule can be triggered. Check to ensure that your application actually needs to access this part of the OS and that this is not an attack. It is not recommended you disable this rule, but rather that you report it as a false positive so we can put out an update for your application.
Instructions to report false positives are detailed on the Reporting False Positives wiki page.
If you wish to tune this rule yourself, please see the Tuning the Atomicorp WAF Rules page for basic information.
Tuning Recommendations
Similar Rules
Knowledge Base Articles
None.
Outside References
None.