WAF Rule ID 377360
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 5
HTTP Status:
Action: pass
Options: No active Response
Transforms:
Log Types:
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377390
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login with no user-agent or referrer, Bot attempting Wordpress Login
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 3
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
lowercase
urlDecodeUni
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login with no user-agent or referrer, Bot attempting Wordpress Login
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377391
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login with empty user-agent and referrer, possible bot
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 4
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
lowercase
urlDecodeUni
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Wordpress Login with empty user-agent and referrer, possible bot
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377609
Alert message: Atomicorp.com WAF Rules - Bruteforce Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 4
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Bruteforce Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377619
Alert message: Atomicorp.com WAF Rules - Bruteforce Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Bruteforce Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377368
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Multiple Wordpress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Multiple Wordpress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377367
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Multiple Wordpress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
lowercase
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Multiple Wordpress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 378410
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WHMCS login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WHMCS login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377410
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Recaptcha invalid code
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Recaptcha invalid code
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377300
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: VBulletin Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: VBulletin Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377301
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: PHPBB Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: PHPBB Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377302
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Wikimedia Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Wikimedia Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377303
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Sugarcrm Administration system Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Sugarcrm Administration system Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377304
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Joomla Administration Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 5
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Joomla Administration Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377305
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377605
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377679
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: deny
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377689
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: deny
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WordPress Multiple Simultaneous Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377625
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 3
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: WordPress Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377626
Alert message: Atomicorp.com WAF Rules: Potential WordPress Method Probe Detected
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 3
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules: Potential WordPress Method Probe Detected
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377306
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Wordpress invalid username failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Wordpress invalid username failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377308
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Drupal invalid username or password failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Drupal invalid username or password failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377309
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Typo3 invalid username or password failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Typo3 invalid username or password failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377310
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: MODX invalid username failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: MODX invalid username failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377311
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: MODX password login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: MODX password login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377312
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Moodle login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Moodle login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377313
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Plesk login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Plesk login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377314
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Oscommerce customer login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Oscommerce customer login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377315
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Oscommerce admin login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Oscommerce admin login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377323
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: ZenCart customer login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: ZenCart customer login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377316
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: ZenCart admin login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: ZenCart admin login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377317
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Dokuwiki login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Dokuwiki login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377319
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Magento admin login failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Magento admin login failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377320
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (invalid password)
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (invalid password)
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377321
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (invalid email)
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (invalid email)
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377322
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (blank password)
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Prestashop login failure (blank password)
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377326
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: PHPBB Login Attempt Failure - Incorrect Username
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 1
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: PHPBB Login Attempt Failure - Incorrect Username
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377307
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: ASL GUI invalid username or password failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 3
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 4
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: ASL GUI invalid username or password failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377363
Alert message: Atomicorp.com WAF Rules - Login Failure Detection: Cpanel WHM Login Attempt Failure
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 5
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Failure Detection: Cpanel WHM Login Attempt Failure
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 377364
Alert message: Atomicorp.com WAF Rules - Login Detection: Cpanel WHM root Login succeeded
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version: 2
Severity: Emergency (HIDS: 14)
HTTP Protocol Phase: 5
HTTP Status: 403
Action: pass
Options: No active Response
Transforms:
Log Types:
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Detection: Cpanel WHM root Login succeeded
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 307367
Alert message: Atomicorp.com WAF Rules - Login Brute Force: Wordpress Authentication Probes detected .
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version:
Severity: Critical (HIDS: 9)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
lowercase
urlDecodeUni
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules - Login Brute Force: Wordpress Authentication Probes detected .
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.
WAF Rule ID 317368
Alert message: Atomicorp.com WAF Rules: WHMCS brute force probe blocked.
Rule Class: Generic Attack Ruleset (12_asl_brute.conf)
Version:
Severity: Critical (HIDS: 9)
HTTP Protocol Phase: 2
HTTP Status: 403
Action: deny
Transforms:
lowercase
urlDecodeUni
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Atomicorp.com WAF Rules: WHMCS brute force probe blocked.
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.