This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

False positives Attack Sql injection

azepeda1984 over 10 years ago

Hello
We have the following issue. We have a website that is published by joomla module with sophos WAF on version 9.1 everything works fine but when we do it upgrade to version 9.2 website show us a message that we don't have permission because present SQL injection attack.

some help.

please see attach.

This thread was automatically locked due to age.

Parents

0 scorpionking over 10 years ago
Just add the ID Ross86 mentioned into "skip tfilter rules" in the Web Application firewall profile you are using for this virtual server.

It is quite common that certain IDs produce false positives with several CMS.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 scorpionking over 10 years ago
Just add the ID Ross86 mentioned into "skip tfilter rules" in the Web Application firewall profile you are using for this virtual server.

It is quite common that certain IDs produce false positives with several CMS.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data