Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 19705 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF captures all backend errors

Harro Verton

Hello,

I'm in the process of converting a linux/apache box that was used as a reverse proxy to UTM 9 WAF, and I've bumped into an issue.

I' ve just spend over an hour trying to figure out why a migrated site gave a 403 error page on every request. Finally I found that the site itself (on the real server) generated a 503, with a message saying the database credentials were not correct.

Is there a way to configure the WAF to not hide these kind of messages?



This thread was automatically locked due to age.
  • 0 in reply to Harro Verton

    Harro Verton said:
    They don't really help though, the entries for the original problem are:

    Outbound Anomaly Score Exceeded (score 4): Last Matched Message: The application is not available means that the request is in fact blocked by the Common Threats filter. But there should many more log lines from the Common Threats filter itself explaining which rules matched. Can't tell you why that's not the case on your machine.

  • 0 in reply to Harro Verton

    Harro Verton said:
    Yes, 100% sure. I just double checked. This is its definition:

    Sorry, then I don't know why those log lines appear.

Unfiltered HTML