WAF rule set update for 2018-08-01  (legacy)

The following information describes the updates and changes to the rule set.

ID

67LUkBwzFzESzumlU2L0T8

Version

v9

Date

2018-08-01

Type of Change

  • Introduced new Fastly internal rule 4134010, which mitigates common XXE attacks
  • Introduced new Fastly internal rule 4112019, which mitigates CtrlFunc Botnet Attack
  • Introduced new Fastly internal rule 4113001, which mitigates suspicious X-Forwarded-Host headers
  • Introduced new Fastly internal rule 4113002, which mitigates X-Forwarded-Host and Host headers that do not match
  • Introduced new Fastly internal rule 4120010, which detects illegal characters found in the client X-Forwarded-Host header
  • Introduced new Fastly internal rule 4120011, which detects illegal characters found in the client X-Forwarded-For header
  • Updated OWASP rule 930130 to include additional restricted files

Affected Rule Sets

  • OWASP
  • Fastly Rules
For more information, see our guide on Fastly WAF rule set updates and maintenance.
Back to Top