WAF rule set update for 2019-03-25

The following information describes the updates and changes to the rule set.

ID

1PD2HFpi6qwkAsePake7pw

Version

v11

Date

2019-03-25

Type of Change

• Introduced new Fastly rule 4170010, which detects CVE-2019-6340 (Drupal 8 core Highly critical RCE)
• Introduced new Fastly rule 4170020, which detects the Magento Magestore Store Locator extension vulnerability
• Updated Fastly rule 4112031 to include additional user agents
• Updated Fastly rules 4113001, 4120010, and 4120011 to show correct match data
• Removed OWASP rules 905100 and 905110, which would never match
• Updated OWASP rules 932100 and 932110 to avoid false positives for Windows and UNIX command injection

Affected Rule Sets

• OWASP
• Fastly Rules

For more information, see our guide on Fastly WAF rule set updates and maintenance.

Was this guide helpful?

Yes No

Tell us what worked and what we could do better.

Do not use this form to send sensitive information. If you need assistance, contact support@fastly.com.

Back to Top