HI
We having a problem witth one of our websites behind the UTM.
We did create the neccessey WAF rules for this website. when we dont use any Firewall profile we can access the website but when useing the basic profile we are not able to open some pages. I did check the WAF logs and see this and see any ID to Skip it in the rule. any idea?
2016:03:17-09:53:13 securitysrv1-2 reverseproxy: id="0299" srcip="82.95.118.54" localip="62.XX.XX.33" size="220" user="-" host="82.XX.XX.54" method="POST" statuscode="403" reason="waf" extra="Inbound Anomaly Score Exceeded (Total Score: 12, SQLi=7, XSS=5): Last Matched Message: SQL Injection Attack: SQL Operator Detected" exceptions="-" time="1363723" url="/Themes.aspx" server="ossecanon.nl" referer="mysite.com/Themes.aspx cookie="toestemmingvoorcookies=ja.1458122207122-988831550; __utmt=1; __utma=198157489.1099798894.1458118816.1458126940.1458204785.3; __utmb=198157489.3.10.1458204785; __utmc=198157489; __utmz=198157489.1458118816.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)" set-cookie="-"
Thanks
This thread was automatically locked due to age.
