OWASP rule disabled but still used for score

freitasm · July 2, 2021, 8:18pm

Hi folks

Using the new WAF model. I have disabled a few OWASP rules based on the usage profile for our site. Despite this, some of these are still being used to score requests.

For example rule 942460 is off:

But when I look at the WAF logs, this rule is used to score a request:

This happens with quite a few rules actually… Any idea or should I check with support?

freitasm · July 2, 2021, 9:17pm

Raised ticket #2198396 with some Ray ID for example.

system · July 17, 2021, 9:18pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
WAF Rule based on Threat Score Security	1	2617	January 15, 2021
Normal requests were blocked by OWASP Core Ruleset （949110: Inbound Anomaly Score Exceeded） Security	3	2868	December 17, 2022
Bypassing or at least finding WAF managed Rule Security	2	3048	December 24, 2021
Inbound Anomaly Score Exceeded in WAF General	6	29296	April 23, 2019
WAF - OWASP total score and Ajax requests Security	2	2983	May 20, 2020

OWASP rule disabled but still used for score

Related topics