En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

WAF not blocking sql injection

0

Hi,

How can I check WAF sql injection implementation rule?

We received the request below and WAF sql injection rule didn't block it.

a piece of the request body:

{"id":"'nvOpzp; AND 1=1 OR (<'\">iKO)),"}

Thanks

Sujets
Sécurité, identité et conformité
Balises
AWS WAF
Langue
English
Felipe Gaudio
demandé il y a un an530 vues
2 réponses
0

What rules do you currently have in place?
For the AWS Managed Ruleset, the "AWSManagedRulesSQLiRuleSet" can be set to protect against SQL injection.
https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-use-case.html#aws-managed-rule-groups-use-case-sql-db

Also note that even matching requests will not be blocked unless the rule is set to block instead of count.
https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-action.html

profile picture
EXPERT
Riku_Kobayashi
répondu il y a un an
0

Hi Riku, thanks for you answer.

I have the rule AWSManagedRulesSQLiRuleSet active and also blocking.

I also check in WAF log and the request body is less than 8KB and requestBodySizeInspectedByWAF is equals to requestBodySize, so WAF is checking and allowing the request.

Shouldn't this request be blocked?

Thanks

Felipe Gaudio
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents