Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 13723 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SQL Injection Attack blocks login to webpage

oscar@meos.nl
After upgrading to UTM 9.2 my webserver was unavailable to customers. They got to the login screen, but after entering their credentials they got an error message saying reports could not be loaded. After some tinkering with the settings, I found the problem was solved by disabling SQL Injection Attack in the default firewall profile. In UTM 9.1 the SQL Injection Attack filtering option was active without any problems. [:S]

Any thoughts on this? Thanks in advance.


This thread was automatically locked due to age.
Parents
  • 0
    hi there,

    you must configure the "Rigid Filtering". As an example, for Outlook Webb App you must skip following filter rules:

    981204
    981176
    960010
    981173
    981203
    970003
    960035
    960904
    970901
    981200
    981205
    981260
    981318
    981172
    981320
    981319
    950901
    973338
    973337

    In your e example, you should find the id "[id "981318]" that must be added.
Reply
  • 0
    hi there,

    you must configure the "Rigid Filtering". As an example, for Outlook Webb App you must skip following filter rules:

    981204
    981176
    960010
    981173
    981203
    970003
    960035
    960904
    970901
    981200
    981205
    981260
    981318
    981172
    981320
    981319
    950901
    973338
    973337

    In your e example, you should find the id "[id "981318]" that must be added.
Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?