WAF rule set update for 2017-04-26 (legacy)

IMPORTANT

As of July 13, 2020, Fastly's original WAF offering became a legacy product. It will continue to be supported for all existing users. As alternatives, Signal Sciences Cloud WAF or Signal Sciences Next-Gen WAF both offer proactive monitoring of and protection against suspicious and anomalous web traffic directed at your applications and origin servers. Each can be controlled via the web interface dashboard or application programming interface (API). Contact sales@fastly.com or your Fastly account team to evaluate or move to the Signal Sciences WAF options.

The following information describes the updates and changes to the rule set.

ID

39EE4tZnEM9Q8hxFJMHYU5

Version

Date

2017-04-26

Type of Change

Global update to the OWASP CRS 3.0 rule set
New Fastly rule for the February 2017 Wordpress Code Injection
New Fastly rule for the March 2017 Apache Struts RCE exploit
Updated Trustwave content inspection rules

Affected Rule Sets

OWASP
Trustwave
Fastly Rules

For more information, see our guide on Fastly WAF rule set updates and maintenance.