WAF Rule ID 344372

Alert message: XML eXternal Entity: Local / Remote File Inclusion attempt

Rule Class: Generic Attack Ruleset (14_asl_xxe_protection.conf)

Version: 1

Severity: Emergency (HIDS: 14)

HTTP Protocol Phase: 2

HTTP Status: 403

Action: deny

Transforms:

compressWhitespace
urlDecode

Log Types:

Description:

XML eXternal Entity: Local / Remote File Inclusion attempt

Troubleshooting:

False Positives:

Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

Configuration Notes:

enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above

Tuning guidance Notes:

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules

Additional Information:

Similar rules:

None.

Outside References:

None.

WAF Rule ID 344373

Alert message: XML eXternal Entity: DoS attempt

Rule Class: Generic Attack Ruleset (14_asl_xxe_protection.conf)

Version: 1

Severity: Emergency (HIDS: 14)

HTTP Protocol Phase: 2

HTTP Status: 403

Action: deny

Transforms:

compressWhitespace
urlDecode

Log Types:

Description:

XML eXternal Entity: DoS attempt

Troubleshooting:

False Positives:

Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

Configuration Notes:

enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above

Tuning guidance Notes:

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules

Additional Information:

Similar rules:

None.

Outside References:

None.