Get IPS block - HTTP.URI.SQL.Injection

Hi

Customer have web connection to local server and I get following error:

Profile default
Attack Name HTTP.URI.SQL.Injection
Attack ID 15,621
Reference https://fortiguard.fortinet.com/encyclopedia/ips/15621
Incident Serial 73,033,816
Direction outgoing
Severity
High

Message web_misc: HTTP.URI.SQL.Injection

It seems that Firewall discovers and block malicious access.

Now i disable ips on policy rule.

How can enable it on this specific server?

Best answer by AEK

Hi

Create a new IPS profile (or clone the existing) in which you enable the related signature.

Then create a rule dedicated for the server and use the above created IPS profile.

AEKAnswer

SuperUser

Hi

Create a new IPS profile (or clone the existing) in which you enable the related signature.

Then create a rule dedicated for the server and use the above created IPS profile.

AEK

Sign up