WAF Rule ID 356137
Alert message: Atomicorp.com WAF Rules: Potential Open Proxy Abuse - GeoIP Country Code Mismatch of X-Forwarded-For Request Header and Client REMOTE_ADDR
Rule Class: Generic Attack Ruleset (80_asl_proxy_abuse.conf)
Version: ‘2.2.6’
Severity: Critical (HIDS: 9)
HTTP Protocol Phase: 1
HTTP Status:
Action:
Transforms:
Log Types:
Description:
Atomicorp.com WAF Rules: Potential Open Proxy Abuse - GeoIP Country Code Mismatch of X-Forwarded-For Request Header and Client REMOTE_ADDR
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
None.
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References:
None.