Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 2952 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Tune WAF SQL Injection protection

tfp
Hello,

Is it possible to change the thresholds for XSS/SQL Injection blocks/alerts? I noticed for instance that SQL SELECT statements and several UPDATE statements are not blocked.

Additionally, is there any detailed information available on how the form/url hardening logic works? How does the system 'learn' which values are allowed in a specific form, and which URLs may be accessed from a specific url?

Thank you very much,

Regards,
Tim


This thread was automatically locked due to age.
Parents
  • 0
    I think both of you should submit a Support request to Astaro if you have a paid license.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I think both of you should submit a Support request to Astaro if you have a paid license.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML