WAF rule set update for 2017-08-14  (legacy)

IMPORTANT: Our original WAF offering is now a legacy product. It was superseded by a new version, including a new interface and API, on July 13, 2020. The legacy version will continue to be supported for all existing users. The new version is available to all customers and is the default version for new customers as of July 13, 2020. Customers of the legacy WAF can contact support@fastly.com or their Fastly account team to upgrade.

The following information describes the updates and changes to the rule set.

ID

4Z09wgjp7do8NrOIzlckFS

Version

v3

Date

2017-08-14

Type of Change

• Reintroduction of individual threshold variables: http_violation_score_threshold, lfi_score_threshold, php_injection_score_threshold, rce_score_threshold, rfi_score_threshold, session_fixation_score_threshold, sql_injection_score_threshold, xss_score_threshold
• Removal of unused threshold variables: brute_force_counter_threshold, dos_counter_threshold, outbound_anomaly_score_threshold, trojan_score_threshold
• Additional bug fixes in OWASP rule set

Affected Rule Sets

• OWASP
• Trustwave

For more information, see our guide on Fastly WAF rule set updates and maintenance.

Was this guide helpful?

Yes No

Tell us what worked and what we could do better.

Do not use this form to send sensitive information. If you need assistance, contact support@fastly.com.

Back to Top