Difference between revisions of "WAF 350147"

From Atomicorp Wiki
Jump to: navigation, search
m (Similar Rules)
m (Similar Rules)
 
Line 26: Line 26:
 
== Similar Rules ==
 
== Similar Rules ==
  
[[WAF_350148]]
+
[[WAF 350148]]
  
 
== Knowledge Base Articles==  
 
== Knowledge Base Articles==  

Latest revision as of 14:42, 3 January 2013

Rule 350147
Status Active
Alert Message Atomicorp.com WAF Rules: Potentially Untrusted Web Content Detected

Contents

[edit] Description

This rules detects when potentially untrusted web content is used in a client request. For example, if javascript is included in a variable that appears to not be used for this purpose, or if web code is included in a portion of a request that is not known to be used for this purpose.


[edit] Troubleshooting

[edit] False Positives

This rule may produce a false positive if an application is used in a previously unknown or untested manner. The rules contain a large library of known trusted methods, however it is possible an application may be using a previously untested method. It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

[edit] Tuning Guidance

See the Mod_security page for guidance on tuning this rule.

[edit] Additional Information

[edit] Similar Rules

WAF 350148

[edit] Knowledge Base Articles

None.

[edit] Outside References

None.

[edit] Notes

None.

Personal tools