Ops One AG

You can subscribe via email or RSS

Tuesday 8th January 2019

Managed Server Version 5: Website Module: Add Additional SQL Injection Rules

Since a few weeks, we see more and more SQL injection attacks with a certain request pattern. While those requests do not led to any security problems, they are usually fired in rapid sucession, which can led to overloaded or slow systems.

Over the holidays, we developed and tested new WAF rules to block this particular requests. As we see the same pattern on many servers and do not expect any problem with those new rules after our testing, we will rollout them to all systems as of now.

Closes #494