web-application-firewall

问题 I'm running a asp.net web application on Azure, I have an Application Gateway in front of it, enable the WAF (Web application Firewall). But many of my http requests from the front-end are blocked by the WAF, for example my payload in JSON: [{"inputtype":"text","name":"wwwwww","memo":"","score":1,"sort":1,"isrequired":false,"allowseeresult":false,"choicenummin":null,"choicenummax":null,"options":[]}] The error message is: "message": "Warning. Pattern match \"((?: [\\\\~\\\\!\\\\@\\\\#\\\\$\\\

问题 I am studying and researching about different methods of SQL Injection and countermeasures. Checking HackerOne Hacktivities showed me that it's not enough for a web application to just use a WAF (ex. Cloudfront, cloudflare, Akamai, ...) is not enough because hackers use and build WAF bypass payloads to overcome these technologies to make the attacks successful . Searched over the internet for Database Firewall keyword but most links were related to Oracle Database firewall . As I am currently

问题 We want to use heremaps geocoder.api. Currently the calls to heremaps are stopped by our local firewall. Our admins told me that it is not possible to add an URL to the firewall rules (geocoder.api.here.com). They need IP-addresses. So the question is: What IP addresses does the service "geocoder.api.here.com" use? Thanks for your answers, Markus 回答1: IP address are dynamic in nature as the APIs are hosted in a cloud environment, the recommendation is to whitelist domain like *.api.here.com

问题 We want to use heremaps geocoder.api. Currently the calls to heremaps are stopped by our local firewall. Our admins told me that it is not possible to add an URL to the firewall rules (geocoder.api.here.com). They need IP-addresses. So the question is: What IP addresses does the service "geocoder.api.here.com" use? Thanks for your answers, Markus 回答1: IP address are dynamic in nature as the APIs are hosted in a cloud environment, the recommendation is to whitelist domain like *.api.here.com

问题 If mod_security is set to ON for the whole website, is there a way I can set specific pages to detection_only? Use case is that the application is used to configure websites, and use of CSS or js is very common, but very likely to make modsecurity throw an XSS rule exception. I'd like to detect those exceptions but not block them, on those pages only. However on all other pages I want rule exceptions to block. More gritty detail: The application is actually an IIS application running on

问题 If mod_security is set to ON for the whole website, is there a way I can set specific pages to detection_only? Use case is that the application is used to configure websites, and use of CSS or js is very common, but very likely to make modsecurity throw an XSS rule exception. I'd like to detect those exceptions but not block them, on those pages only. However on all other pages I want rule exceptions to block. More gritty detail: The application is actually an IIS application running on

问题 ASP.NET (Framework 3.5, IIS 8.5, windows server 2012R2) with Ajax control toolkit is being blocked by WAF (Web Applications Firewall). Following is the screen shot from WAF These are signatures from WAF I tried disabling ajax components at the web page but still getting same problem. Any suggestions ?? 回答1: It's referencing an ASP.NET padding attack vector that is rated "HIGH". Depending on your WAF this is probably a prebuilt signature blocking your application and may not be directly

问题 ASP.NET (Framework 3.5, IIS 8.5, windows server 2012R2) with Ajax control toolkit is being blocked by WAF (Web Applications Firewall). Following is the screen shot from WAF These are signatures from WAF I tried disabling ajax components at the web page but still getting same problem. Any suggestions ?? 回答1: It's referencing an ASP.NET padding attack vector that is rated "HIGH". Depending on your WAF this is probably a prebuilt signature blocking your application and may not be directly

问题 We are running a simple application that connects to Firebase are reads some data. It fails to connect with the following timeout error: @firebase/database: FIREBASE WARNING: {"code":"app/invalid-credential", "message":"Credential implementation provided to initializeApp() via the \"credential\" property failed to fetch a valid Google OAuth2 access token with the following error: \"Failed to parse access token response: Error: Error while making request: connect ETIMEDOUT We are behind

问题 I am able to successfully update the WAF ip address rule set from lambda if the rule sets are Global (Cloudfront). but if i create a rule set specific to region to be able to use it with APP ELB, the get-ip-set or list-ip-set api's are not retrieving the IP set specific to a region and hence I am not able to update these rule sets directly from lambda. Is there any additional param that needs to be passed to be able to retrieve these rule sets that are region specific 回答1: You need to be