Staff & Editor

Technical Tip: SQL/XSS Syntax Based Detection injection exception

Forum|Forum|1 year ago
November 19, 2024
0 replies
569 views

Description

This article describes configuring Client IP exception when false positive SQL/XSS Syntax Based Detection injection triggered.

Scope

FortiWeb.

Solution

Certain application functionalities or data inputs from client could inadvertently trigger SQL/XSS Syntax Based Detection. If the triggers verified as false positive, an exception can be made to allow it(depending to trigger factor). In this example, exception by Client IP is made.

Sample Attack Log:

Steps to make exceptions:

Select the Message field value.

Configure exception elements.

Note: Other element type can be configured depending on the matching criteria required.
Exception will be applied in respective SQL/XSS Syntax Based Detection profile and subtype.
Alternatively, exceptions also can be done directly in the SQL/XSS Syntax-Based Detection profile.

Web Protection -> Advanced Protection -> SQL/XSS Syntax Based Detection.

For more information, refer to FortiWeb SQL/XSS Syntax Based Detection injection documentation:

Syntax-based SQL/XSS injection detection

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded