WAF rule set update for 2017-10-06 (legacy)

IMPORTANT

As of July 13, 2020, Fastly's original WAF offering became a legacy product. It will continue to be supported for all existing users. As an alternative, Fastly Next-Gen WAF (powered by Signal Sciences) offers proactive monitoring of and protection against suspicious and anomalous web traffic directed at your applications and origin servers. It can be controlled via the web interface dashboard or application programming interface (API). Contact sales@fastly.com or your Fastly account team to evaluate or move to the Fastly Next-Gen WAF option.

The following information describes the updates and changes to the rule set.

ID

2vyJNHO7fngQYJXU8UGUY6

Version

Date

2017-10-06

Type of Change

Updates to rule 932140 to account for SAML false positives in Windows
Reintroduction of missing transforms on some OWASP rules
Introduction of Fastly internal rule to protect against CVE-2017-9805

Affected Rule Sets

OWASP
Fastly Rules

For more information, see our guide on Fastly WAF rule set updates and maintenance.