WAF 361022

From Atomicorp Wiki
Revision as of 16:53, 3 February 2013 by Mshinn

Rule: 361022
Status: Active
Alert Message: Atomicorp.com WAF Rules: Potential SQL Information Leakage



This rule detects when an application returns an SQL error message. The rule does not cause the error, and disabling the rule will not have any effect on the application's SQL error. The rule only detects an SQL error in the data sent from your web server to your users. That data may include sensitive information, such as passwords, or the error may indicate that an attacker is attempting to find flaws in your applications.

We recommend you investigate the cause of the SQL error, as this may indicate an attack is in progress.


False Positives

A false positive could occur if a user posted an SQL error message to a forum, blog or other content management system. This rule looks for specific error messages in the content of the data returned to the user, not the data sent by the user. Please check the content of the event before reporting this as a false positive. If the event was a real SQL error message returned by your server, then do not report this as a false positive; the rule is working correctly.
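
The response-side check and the false-positive case described above, as an added Python example that is not Atomicorp's rule or code. The signature list, the triage labels and the sample events are assumptions made for illustration, and the request body is assumed to be already URL-decoded.

```python
import re

# Signatures for common database error text. Assumed for this example;
# the patterns used by rule 361022 itself are not shown on the page.
SQL_ERROR_SIGNATURES = {
    "mysql": re.compile(r"You have an error in your SQL syntax", re.I),
    "postgresql": re.compile(r"ERROR:\s+syntax error at or near", re.I),
    "oracle": re.compile(r"\bORA-\d{5}\b"),
    "mssql": re.compile(r"Unclosed quotation mark after the character string", re.I),
}

def find_sql_errors(response_body):
    """Return (database, matched_text) pairs found in an outbound response body."""
    hits = []
    for database, pattern in SQL_ERROR_SIGNATURES.items():
        match = pattern.search(response_body)
        if match:
            hits.append((database, match.group(0)))
    return hits

def triage(request_body, response_body):
    """Sort an event into the cases the False Positives section describes."""
    hits = find_sql_errors(response_body)
    if not hits:
        return "no_match"
    # The error text was submitted in this same request, so the page may only
    # be echoing a user's post. Stored posts from earlier requests are not
    # covered by this check and still need a manual look at the event.
    if all(text.lower() in request_body.lower() for _, text in hits):
        return "review_possible_user_content"
    return "investigate_server_error"

# Constructed sample events (request body, response body).
LEAK = ("id=1'", "<p>You have an error in your SQL syntax; check the manual "
        "that corresponds to your MySQL server version</p>")
FORUM = ("message=Help: ORA-00942 table or view does not exist",
         "<div class='post'>Help: ORA-00942 table or view does not exist</div>")
CLEAN = ("q=shoes", "<p>12 results for shoes</p>")

if __name__ == "__main__":
    for name, event in (("leak", LEAK), ("forum", FORUM), ("clean", CLEAN)):
        print(name, find_sql_errors(event[1]), triage(*event))
```

Both the leak and the forum post match on the response body, which is why the event content has to be read before it is reported as a false positive.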

Tuning Guidance

See the Mod_security page for guidance on tuning this rule.

Additional Information

Similar Rules


Knowledge Base Articles


Outside References



