False SQL Injection attack

The web application firewall is treating the following string insertion as a SQL Injection Attack:

in ( what the fxxk ) “0”

Which I do not agree as we can have any variation of the string with the combination of ‘in’, ‘()’ & “”
Anyway to fix this?

You can search for the Rule ID in your WAF rules and disable it if it isn’t appropriate for your site.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.