WAF rule set update for 2018-03-28 (legacy)
As of July 13, 2020, Fastly's original WAF offering became a legacy product. It will continue to be supported for all existing users. As an alternative, Fastly Next-Gen WAF (powered by Signal Sciences) offers proactive monitoring of and protection against suspicious and anomalous web traffic directed at your applications and origin servers. It can be controlled via the web interface dashboard or application programming interface (API). Contact firstname.lastname@example.org or your Fastly account team to evaluate or move to the Fastly Next-Gen WAF option.
The following information describes the updates and changes to the rule set.
Type of Change
- Introduce new Fastly internal rule 4170000, which mitigates Drupal sa-core-2018-002 attack
- Updated Fastly internal 4112060 Wordpress PingBack rule
- Updated Fastly internal rules that protect against DDoS bots (Rule IDs: 4112013 and 4112016)
Affected Rule Sets
- Fastly Rules