WAF 340362

From Atomicorp Wiki
Revision as of 05:47, 16 May 2012 by Mshinn (Talk | contribs)

Jump to: navigation, search

Rule ID

340362

Alert Message

Atomicorp.com WAF Rules: ModSecurity does not support content encodings and can not detect attacks using it, therefore it is blocked.

Description

modsecurity does not support content encodings, such as inbound compressed content (not be confused with compressed files, which it does support). Therefore it can not see or evaluate any traffic encoded in this manner. If an attack were to be encoded in this way the WAF would not catch it, therefore the WAF is configured to block this traffic.

False Positives:

None. If this rule triggers it means content encoded data is being sent to the server. If you allow this by disabling this rule you will open your system up to attacks that modsecurity can not detect or prevent.

Similar Rules

None.

Personal tools