![]() ![]() ![]() The incoming request cookie was unrecognized. ![]() The request line exceeded the maximum allowable length specified in Max Request Line Length on the SECURITY POLICIES > Request Limits page. The request exceeded the total maximum allowable length (including the Request Line, and all HTTP request headers such as User Agent, Cookies, Referer, etc.) specified in Max Request Length on the SECURITY POLICIES > Request Limits page. This is a potential hidden file disclosure attack.Ĭlient attempted to exceed New Session Count maximum set under Session Tracking on the WEBSITES > Advanced Security page. This is a potential hidden file disclosure attack. ![]() Requested URL contained a slash (/) followed by a dot (.). Cookie Replay Protection Type is set to “ IP” or “ IP and Custom Headers” on the SECURITY POLICIES > Cookie Security page to detect this attack. The cookie IP address information does not match the source IP address of the incoming client request. Cookie Replay Protection Type is set to " Custom Headers" or " IP and Custom Headers" on the SECURITY POLICIES > Cookie Security page to detect this attack. The embedded and signed cookie header value sent to the client does not match the incoming value in a subsequent client request. The characters encoded in the URL do not conform to the URL encoding scheme specified in Default Character Set on the SECURITY POLICIES > URL Normalization page. The request header value length exceeded the maximum allowed, specified in Max Header Value Length on the SECURITY POLICIES > Request Limits page. The length of the request header name exceeded the maximum allowed, specified in Max Header Name Length on the SECURITY POLICIES > Request Limits page. The number of request headers exceeded the maximum allowed, specified in Max Number of Headers on the SECURITY POLICIES > Request Limits page. The cookie Tamper Proof Mode on the SECURITY POLICIES > Cookie Security page was Encrypted or Signed. Request Policy Violations Request Policy ViolationsĪ request exceeded the maximum number of cookies specified in Max Number of Cookies on the SECURITY POLICIES > Request Limits page.Ī session cookie Cookie Max Age on the SECURITY POLICIES > Cookie Security page has been exceeded on the client browser.Ī cookie exceeded the maximum allowable length specified in Max Cookie Value Length on the SECURITY POLICIES > Request Limits page.Ī cookie name length exceeded the maximum allowable length specified in Max Cookie Name Length on the SECURITY POLICIES > Request Limits page.Ī request cookie secured with cookie signing or encryption had been tampered. Normalizing and parsing the name or value of a parameter in a query or POST body revealed the request contained a malformed parameter.Īn HTTP request sent with a protocol version number other than 0.9, 1.0 or 1.1 was detected.Īn HTTP request contained more than one Content-Length HTTP request header.Ī POST request lacked the mandatory Content-Length HTTP request header.Īn HTTP request lacked a protocol version number, indicating it was an HTTP/0.9 request. Normalizing a request URI or header components determined it was invalid or malformed.Īn HTTP POST method request had a URL-encoded parameter value exceeding 1024 KB.Ĭontent-Length request header contained non-numeric characters (e.g., metacharacters or alphabetic characters).Ī cookie not conforming to the HTTP cookie specifications was detected.Īn HTTP request end of line lacked the mandatory /r/n characters.Ī header name did not conform to the HTTP protocol specifications. HTTP GET request with Content-Length request header was detected.Īn HTTP/ 1.1 version request lacked the mandatory Host request header.Īn invalid HTTP request header name-value pair was detected.Īn invalid HTTP method detected in request. The following table describes the attack actions under each attack group:Īttempted access to files and commands beyond the document root directory/CGI root directory. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |