web-application-firewall

Http request blocked by Azure WAF, how to do right encoding?

不想你离开。 提交于 2021-02-11 12:23:07
问题 I'm running a asp.net web application on Azure, I have an Application Gateway in front of it, enable the WAF (Web application Firewall). But many of my http requests from the front-end are blocked by the WAF, for example my payload in JSON: [{"inputtype":"text","name":"wwwwww","memo":"","score":1,"sort":1,"isrequired":false,"allowseeresult":false,"choicenummin":null,"choicenummax":null,"options":[]}] The error message is: "message": "Warning. Pattern match \"((?: [\\\\~\\\\!\\\\@\\\\#\\\\$\\\

Writing a database firewall for blocking SQL Injection attacks

杀马特。学长 韩版系。学妹 提交于 2021-01-29 10:27:37
问题 I am studying and researching about different methods of SQL Injection and countermeasures. Checking HackerOne Hacktivities showed me that it's not enough for a web application to just use a WAF (ex. Cloudfront, cloudflare, Akamai, ...) is not enough because hackers use and build WAF bypass payloads to overcome these technologies to make the attacks successful . Searched over the internet for Database Firewall keyword but most links were related to Oracle Database firewall . As I am currently

What IP-addresses do I need to allow the firewall to access geocoder.api.here.com?

二次信任 提交于 2021-01-29 02:27:49
问题 We want to use heremaps geocoder.api. Currently the calls to heremaps are stopped by our local firewall. Our admins told me that it is not possible to add an URL to the firewall rules (geocoder.api.here.com). They need IP-addresses. So the question is: What IP addresses does the service "geocoder.api.here.com" use? Thanks for your answers, Markus 回答1: IP address are dynamic in nature as the APIs are hosted in a cloud environment, the recommendation is to whitelist domain like *.api.here.com

What IP-addresses do I need to allow the firewall to access geocoder.api.here.com?

…衆ロ難τιáo~ 提交于 2021-01-29 02:21:48
问题 We want to use heremaps geocoder.api. Currently the calls to heremaps are stopped by our local firewall. Our admins told me that it is not possible to add an URL to the firewall rules (geocoder.api.here.com). They need IP-addresses. So the question is: What IP addresses does the service "geocoder.api.here.com" use? Thanks for your answers, Markus 回答1: IP address are dynamic in nature as the APIs are hosted in a cloud environment, the recommendation is to whitelist domain like *.api.here.com

Set mod_security to detectionOnly for a specific page?

时光总嘲笑我的痴心妄想 提交于 2020-12-13 11:39:15
问题 If mod_security is set to ON for the whole website, is there a way I can set specific pages to detection_only? Use case is that the application is used to configure websites, and use of CSS or js is very common, but very likely to make modsecurity throw an XSS rule exception. I'd like to detect those exceptions but not block them, on those pages only. However on all other pages I want rule exceptions to block. More gritty detail: The application is actually an IIS application running on

Set mod_security to detectionOnly for a specific page?

心已入冬 提交于 2020-12-13 11:36:30
问题 If mod_security is set to ON for the whole website, is there a way I can set specific pages to detection_only? Use case is that the application is used to configure websites, and use of CSS or js is very common, but very likely to make modsecurity throw an XSS rule exception. I'd like to detect those exceptions but not block them, on those pages only. However on all other pages I want rule exceptions to block. More gritty detail: The application is actually an IIS application running on

WAF is blocking ASP.NET website due to Scriptresource.axd

旧城冷巷雨未停 提交于 2020-01-16 12:03:03
问题 ASP.NET (Framework 3.5, IIS 8.5, windows server 2012R2) with Ajax control toolkit is being blocked by WAF (Web Applications Firewall). Following is the screen shot from WAF These are signatures from WAF I tried disabling ajax components at the web page but still getting same problem. Any suggestions ?? 回答1: It's referencing an ASP.NET padding attack vector that is rated "HIGH". Depending on your WAF this is probably a prebuilt signature blocking your application and may not be directly

WAF is blocking ASP.NET website due to Scriptresource.axd

风格不统一 提交于 2020-01-16 12:02:16
问题 ASP.NET (Framework 3.5, IIS 8.5, windows server 2012R2) with Ajax control toolkit is being blocked by WAF (Web Applications Firewall). Following is the screen shot from WAF These are signatures from WAF I tried disabling ajax components at the web page but still getting same problem. Any suggestions ?? 回答1: It's referencing an ASP.NET padding attack vector that is rated "HIGH". Depending on your WAF this is probably a prebuilt signature blocking your application and may not be directly

How to use Firebase behind Firewall / Proxy?

半世苍凉 提交于 2019-12-25 20:28:23
问题 We are running a simple application that connects to Firebase are reads some data. It fails to connect with the following timeout error: @firebase/database: FIREBASE WARNING: {"code":"app/invalid-credential", "message":"Credential implementation provided to initializeApp() via the \"credential\" property failed to fetch a valid Google OAuth2 access token with the following error: \"Failed to parse access token response: Error: Error while making request: connect ETIMEDOUT We are behind

AWS WAF update ip sets and rules specific to a region from lambda

最后都变了- 提交于 2019-12-12 04:30:02
问题 I am able to successfully update the WAF ip address rule set from lambda if the rule sets are Global (Cloudfront). but if i create a rule set specific to region to be able to use it with APP ELB, the get-ip-set or list-ip-set api's are not retrieving the IP set specific to a region and hence I am not able to update these rule sets directly from lambda. Is there any additional param that needs to be passed to be able to retrieve these rule sets that are region specific 回答1: You need to be