Large scale problem with cookie and WAF blocking web services

Question

It appears a large number of services are deploying this cookie named "ajs_anonymous_id". I think it comes from Google. 
 The cookie begins and ends with %22. This triggers Sophos UTM to think that EVERY request is a SQL Injection attack.

FormerMember · Accepted Answer

Hi Remuflon , 
 Thank you for the update. 
 You could try to bypass the third rule(981318 ) as it&rsquo;s not one of the infrastructure rules by following this KBA and see if that helps: Sophos UTM: How to bypass individual WAF rules . 
 Thanks,

Large scale problem with cookie and WAF blocking web services

Top Replies