![]() ![]() ![]() RFI (Remote File Inclusion) in web applications byĮmbedding URLs that contain IPv4 addresses. Inspects the request body for attempts to exploit Examples include patterns likeĪwswaf:managed:aws:core-rule-set:GenericRFI_QueryArguments Web applications by embedding URLs that contain IPv4Īddresses. Inspects the values of all query parameters forĪttempts to exploit RFI (Remote File Inclusion) in Inspects for requests whose query arguments contain system file extensions that areĪwswaf:managed:aws:core-rule-set:RestrictedExtensions_QueryArguments Example patterns includeĪwswaf:managed:aws:core-rule-set:RestrictedExtensions_URIPath Inspects for requests whose URI paths contain system file extensions that are For more information, seeĪwswaf:managed:aws:core-rule-set:GenericLFI_Body This rule only inspects the first 8 KB of the request body, and it uses the Continue option for oversize content handling. Path traversal attempts using techniques likeĪwswaf:managed:aws:core-rule-set:GenericLFI_URIPath Include path traversal attempts using techniquesĪwswaf:managed:aws:core-rule-set:GenericLFI_QueryArguments Inspects for the presence of Local File Inclusion Inspects for attempts to exfiltrate Amazon EC2 metadataĪwswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_URIPathĪwswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_QueryArguments For more information, seeĪwswaf:managed:aws:core-rule-set:EC2MetaDataSSRF_Cookie This rule only inspects the first 8 KB of the request cookies or the first 200 cookies, whichever limit is reached first, and it uses the Continue option for oversize content handling.
0 Comments
Leave a Reply. |