WAF 340009

From Atomicorp Wiki
Revision as of 13:23, 26 November 2009 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Rule ID

340009

Status

Active rule currently published.

Alert Message

Atomicorp.com WAF Rules: Protected Path Access denied in URI/ARGS

Description

This rule detects if a protected path is accessed by a web request. A protected path includes key parts of the operating system, such as c:/windows, /bin, /lib, /dev, /proc and other important parts of the OS.

False Positives

If a web application needs to access these parts of the OS this rule can be triggered. Check to ensure that your application actually needs to access this part of the OS and that this is not an attack. It is not recommended you disable this rule, but rather that you report it as a false positive so we can put out an update for your application.

Instructions to report false positives are detailed on the Reporting False Positives wiki page.

If you wish to tune this rule yourself, please see the Tuning the Atomicorp WAF Rules page for basic information.

Tuning Recommendations


Similar Rules

WAF_340007

WAF_340006

Knowledge Base Articles

None.

Outside References

None.

Personal tools