WAF Rule ID 360009
Alert message: Atomicorp.com Malicious Domain Output Detector: Malware domain detected in webserver output and NOT BLOCKED. This means your system may be serving up malware.
Rule Class: Generic Attack Ruleset (99_asl_redactor_post.conf)
Version: 2
Severity: Warning (HIDS: 7)
HTTP Protocol Phase: 4
HTTP Status:
Action: pass
Transforms:
htmlEntityDecode
urlDecodeUni
Log Types:
Basic Information (log)
Capture full session (auditlog)
Description:
Troubleshooting:
False Positives:
Instructions to report false positives are detailed at Reporting False Positives If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Configuration Notes:
enabled by: MODSEC_10_RULES
Requires Engine version: 2.9.0 or above
Tuning guidance Notes:
If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the Atomicorp WAF Rules
Additional Information:
Similar rules:
None.
Outside References: