Difference between revisions of "WAF 340617"
(Created page with ''''Rule ID''' 340617 '''Alert Message''' Atomicorp.com WAF Rules: GET or HEAD requests with bodies attack '''Description''' GET and HEAD requests can not have bodies. …')
Latest revision as of 18:49, 25 November 2009
Atomicorp.com WAF Rules: GET or HEAD requests with bodies attack
GET and HEAD requests can not have bodies. This rule detects an attempt to include a body with these methods and can be part of attempt to attack your system by hiding or smuggling content in a non-standard method.
There are no known False Positives for this. This method is also invalid HTTP and should not be allowed.
If you do believe this is a false positive, it recommended that you report this to our security team so they can determine if this is a legitimate case, or if its clever attack on your systems. Instructions to report false positives are detailed on the Reporting False Positives wiki page.