|Alert Message||tomicorp.com WAF AntiSpam Rules: Spam: Possible Loan Spam|
This rules detects if a post contains patterns commonly used by web spammers, such as pay day loan content or cash advance content. This by itself may not be an attack if the domain allows this type of content.
A false positive can occur when a website legitimately uses this type of content (a pay day loan website), or if there is an error in the patterns used to detect this type of spam. The rules contain a large library of known web applications and safe methods for using this content, such as administrative functions, and can detect known safe methods and ignore them. However it is possible for a new or custom application to do this in an unknown manner and incorrectly trigger this rule.
If you believe this is a false positive, first check to see if the post contains content that this rule specifically looks for. If this rule is correctly identifying this content, and this is not an administrative function (i.e. an authenticated action taken by the site administrator) then this is not a false positive.
If the rule is incorrect detecting this type of content, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Please see the Tuning the Atomicorp WAF Rules page for basic information.
Knowledge Base Articles