Kibana save new items blocked by ModSecurity

I am trying to save new objects in Kibana that include a URL (a new Markdown with a link), and it's being blocked by the WAF.

The accessed path is /api/saved_objects/visualization

981176 - Inbound Anomaly Score Exceeded (Total Score:, SQLi=, XSS=)

What can be done to avoid the issue? (Working with Kibana with no proxy does the job.)

I’ve been a Kibana user since early 2020, and this was one of the first issues that I encountered when Kibana is proxied via Cloudflare.

For me, I just bypass WAF for the Kibana hostname by creating a firewall rule:

With the below action if any requests match the expression:

Of course you could just allowlist specific URLs (in this case, /api/saved_objects/visualization), but since I use Cloudflare Access to protect my Kibana endpoint, it’s easier for me to just allowlist the entire hostname.

Great, many thanks!
Finished up whitelisting the specific path in the URI to keep the rest secure.
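
The two bypass scopes discussed in this thread, written as Cloudflare firewall rule expressions. This is an added example, not taken from either poster's configuration. The hostname `kibana.example.com` is a placeholder, and the `POST` restriction is an assumption about how new saved objects are submitted.

```text
Scope 1: entire hostname (every request to Kibana skips the WAF)
  Expression: (http.host eq "kibana.example.com")
  Action:     Bypass -> WAF Managed Rules

Scope 2: only the blocked endpoint (the rest of the site stays inspected)
  Expression: (http.host eq "kibana.example.com"
               and http.request.uri.path eq "/api/saved_objects/visualization"
               and http.request.method eq "POST")
  Action:     Bypass -> WAF Managed Rules
```

With the second scope, a request to any other Kibana path is still scored by the OWASP rule set, so a new 981176 block on a different endpoint shows up in the firewall events log instead of being silently skipped.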
