WAF 330045

From Atomicorp Wiki
Revision as of 17:39, 18 March 2012 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Rule ID

330045

Status

Active rule currently published.

Alert Message

Atomicorp.com WAF Rules: Suspicious Unusual User Agent (pycurl). Disable this rule if you use pycurl.

Description

This rule is triggered if the user agent used to connect to the system is pycurl. Some PCI-DSS scanners will report a vulnerability if the system does not block all requests from this client.

False Positives

This client may already be used by some legitimate scripts and therefore this may not be an attack. If you use pycurl you must disable this rule.

False positives are not really possible with this rule. The rule simply alerts if the client reports itself as pycurl. If this is in error, please check your application.

Tuning Recommendations

If you know that this behaviour is acceptable for your application, you can tune it by disabling this rule for the application or virtual host.

If you wish to tune this rule yourself, please see the Tuning the Atomicorp WAF Rules page for basic information.

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=WAF_330045&oldid=2238"
Personal tools