Difference between revisions of "WAF 340616"

From Atomicorp Wiki
(Created page with ''''Rule ID''' 340616 '''Alert Message''' Atomicorp.com WAF Rules: POST request must have a Content-Length header '''Description''' A valid POST request should have a Co…')
 
m
 
Line 15: Line 15:
 
This can be triggered if an application is poorly written and does not include this header.  If you must disable this rule, you should disable it only for that specific application and only from trusted IP addresses.  The best option is to fix the application so that it includes this Header.
 
This can be triggered if an application is poorly written and does not include this header.  If you must disable this rule, you should disable it only for that specific application and only from trusted IP addresses.  The best option is to fix the application so that it includes this Header.
  
It recommended that you report this as a false positive so our security team can determine if this is a legitimate case, or if its clever attack on your systems.  Instructions to report false positives are detailed on the [[Reporting False Positives]] wiki page.
+
If you believe this is a false positive, it is recommended that you report this to our security team can determine if this is a legitimate case, or if its clever attack on your system.  Instructions to report false positives are detailed on the [[Reporting False Positives]] wiki page.
  
 
'''Similar Rules'''
 
'''Similar Rules'''
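Review bot: the replacement sentence for the false-positive paragraph is still ungrammatical. "report this to our security team can determine" is missing the connecting "so" that the old wording had, and "if its clever attack" needs "it's a". Suggested wording: "If you believe this is a false positive, it is recommended that you report this to our security team so they can determine if this is a legitimate case, or if it's a clever attack on your system."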

Latest revision as of 18:58, 25 November 2009

Rule ID

340616

Alert Message

Atomicorp.com WAF Rules: POST request must have a Content-Length header

Description

A valid POST request should have a Content-Length header. POST requests that do not include one can be indicative of an attack.

False Positives

This can be triggered if an application is poorly written and does not include this header. If you must disable this rule, you should disable it only for that specific application and only from trusted IP addresses. The best option is to fix the application so that it includes this header.

If you believe this is a false positive, it is recommended that you report it so that our security team can determine whether this is a legitimate case or a clever attack on your system. Instructions for reporting false positives are detailed on the Reporting False Positives wiki page.
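
A scoped exception of the kind described above, as an added example rather than Atomicorp's own configuration. It assumes the rules run under ModSecurity 2.x on Apache; the path /legacy-app/, the address range 192.0.2.0/24 and the local rule ID 1000001 are placeholders.

```apache
# Added example, not part of the Atomicorp rule set.
# Assumptions: ModSecurity 2.x under Apache; /legacy-app/ is the one
# application that omits Content-Length; 192.0.2.0/24 is the trusted
# client range; 1000001 is an unused local rule ID.

# Too broad: removes the check for every application and every client.
# SecRuleRemoveById 340616

# Scoped: skip rule 340616 only for trusted clients of this application.
# Every other rule, and every other client or path, is unaffected.
<LocationMatch "^/legacy-app/">
    SecRule REMOTE_ADDR "@ipMatch 192.0.2.0/24" \
        "id:1000001,phase:1,pass,nolog,ctl:ruleRemoveById=340616"
</LocationMatch>
```

The exception must be evaluated before rule 340616 within the request, so load it ahead of the rule set. REMOTE_ADDR is the connecting peer, so behind a proxy or load balancer it is the proxy's address unless the real client address is restored first.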

Similar Rules


Outside References
