WAF 332039
Rule ID
332039
Status
Active rule currently published.
Alert Message
Atomicorp.com WAF Rules: Suspicious Unusual User Agent (python-requests). Disable this rule if you use python-requests
Description
This rule detects when a client tells the web server that it is the python-requests library. Web clients can report to a web server what they are. For example, a web client can report to the web server that it is a Webbrowser, such as Chrome, or it can report to the web server that it is GoogleBot, or a specific client, library or software package. Clients do this by sending a special header to the web server, for example:
User-Agent: python-requests/2.2.1 CPython/2.7.6 Linux/3.19.0-25-generic
Some malware is known to use the python-requests library, so some users prefer to block all requests with this User-agent header. Some PCI-DSS compliance auditors will fail a site if it does not block clients that self report this client.
False Positives'
None. The rule does not cause this to occur, it can only be triggered if the Client reports it is using this software package. Therefore, if you wish to allow these clients to connect to your system, simply disable the rule.
Similar Rules
None.
Knowledge Base Articles
None.
Outside References
None.