This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Tune WAF SQL Injection protection

Hello,

Is it possible to change the thresholds for XSS/SQL Injection blocks/alerts? I noticed for instance that SQL SELECT statements and several UPDATE statements are not blocked.

Additionally, is there any detailed information available on how the form/url hardening logic works? How does the system 'learn' which values are allowed in a specific form, and which URLs may be accessed from a specific url?

Thank you very much,

Regards,
Tim

This thread was automatically locked due to age.

Parents

0 sd12 over 12 years ago
after an attack on a webserver i was shocked. this querry
?a=UPDATE+table+SET+field='value'+WHERE+huhu=1;
will not be blocked.

How can i block update queries?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 sd12 over 12 years ago
after an attack on a webserver i was shocked. this querry
?a=UPDATE+table+SET+field='value'+WHERE+huhu=1;
will not be blocked.

How can i block update queries?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data