.. _waf_template: waf template ============ Manage WAF template configuration template Specification ---------------------- ===================================== ============================================================ ===================================== ============================================================ **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`1834_template_list` **Collection URI** /axapi/v3/waf/template **Element Name** template **Element URI** /axapi/v3/waf/template/{name} **Element Attributes** template_attributes **Schema** :download:`template schema ` ===================================== ============================================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/waf/template .. raw:: html :ref:`1834_template_attributes` .. raw:: html
Create List .. raw:: html POST .. raw:: html /axapi/v3/waf/template .. raw:: html :ref:`1834_template_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/waf/template/{name} .. raw:: html :ref:`1834_template_attributes` .. raw:: html
Get List .. raw:: html GET .. raw:: html /axapi/v3/waf/template .. raw:: html :ref:`1834_template_list` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/waf/template/{name} .. raw:: html :ref:`1834_template_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/waf/template/{name} .. raw:: html :ref:`1834_template_attributes` .. raw:: html
Replace List .. raw:: html PUT .. raw:: html /axapi/v3/waf/template .. raw:: html :ref:`1834_template_list` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/waf/template/{name} .. raw:: html :ref:`1834_template_attributes` .. raw:: html
.. _1834_template_list: template-list ------------- template-list is **JSON List** of :ref:`1834_template_attributes` template-list : [ { :ref:`1834_template_attributes` }, { :ref:`1834_template_attributes` }, ... ] .. _1834_template_attributes: template attributes ------------------- **allowed-http-methods** **Description** List of allowed HTTP methods. Default is "GET POST". (List of HTTP methods allowed (default "GET POST")) **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Default:** GET POST **bot-check** **Description** Check User-Agent for known bots **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **bot-check-policy-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **brute-force-challenge-limit** **Description** Maximum brute-force events before sending challenge (default 2) (Maximum brute-force events before locking out client (default 2)) **Type:** number **Range:** 0-65535 **Default:** 2 **brute-force-check** **Description** Enable brute-force attack mitigation **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **brute-force-global** **Description** Brute-force triggers apply globally instead of per-client (Apply brute-force triggers globally) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **brute-force-lockout-limit** **Description** Maximum brute-force events before locking out client (default 5) **Type:** number **Range:** 0-65535 **Default:** 5 **brute-force-lockout-period** **Description** Number of seconds client should be locked out (default 600) **Type:** number **Range:** 0-1800 **Default:** 600 **brute-force-resp-codes** **Description** Trigger brute-force check on HTTP response code **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **brute-force-resp-codes-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **brute-force-resp-headers** **Description** Trigger brute-force check on HTTP response header names **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **brute-force-resp-headers-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **brute-force-resp-string** **Description** Trigger brute-force check on HTTP response line **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **brute-force-resp-string-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **brute-force-test-period** **Description** Number of seconds for brute-force event counting (default 60) **Type:** number **Range:** 0-600 **Default:** 60 **ccn-mask** **Description** Mask credit card numbers in response **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **challenge-action-cookie** **Description** Use Set-Cookie to determine if client allows cookies **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **challenge-action-javascript** **Description** Add JavaScript to response to test if client allows JavaScript **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **cookie-encryption-secret** **Description** Cookie encryption secret **Type:** string **Format:** password **Maximum Length:** 128 characters **Maximum Length:** 1 characters **cookie-name** **Description** Cookie name (simple string or PCRE pattern) **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **csrf-check** **Description** Tag the form to protect against Cross-site Request Forgery **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **decode-entities** **Description** Decode entities in internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **decode-escaped-chars** **Description** Decode escaped characters such as \r \n \" \xXX \u00YY in internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **decode-hex-chars** **Description** Decode hex chars such as \%xx and \%u00yy in internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **deny-non-masked-passwords** **Description** Denies forms that have a password field with a textual type, resulting in this field not being masked **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **deny-non-ssl-passwords** **Description** Denies any form that has a password field if the form is not sent over an SSL connection **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **deny-password-autocomplete** **Description** Check to protect against server-generated form which contain password fields that allow autocomplete **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **deploy-mode** **Description** 'active': Deploy WAF in active (blocking) mode; 'passive': Deploy WAF in passive (log-only) mode; 'learning': Deploy WAF in learning mode; **Type:** string **Supported Values:** active, passive, learning **Default:** active **disable** **Description** Disable buffer overflow protection **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **filter-resp-hdrs** **Description** Removes web server's identifying headers **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **form-consistency-check** **Description** Form input consistency check **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **form-deny-non-post** **Description** Deny request with forms if the method is not POST **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **form-deny-non-ssl** **Description** Deny request with forms if the protocol is not SSL **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **form-set-no-cache** **Description** Disable caching of form-containing responses **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **hide-resp-codes** **Description** Hides response codes that are not allowed (default 4xx, 5xx) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **hide-resp-codes-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **http-check** **Description** Check request for HTTP protocol compliance **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **http-redirect** **Description** Send HTTP redirect response (302 Found) to specifed URL (URL to redirect to when denying request) **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Mutual Exclusion:** http-redirecthttp-resp-200, reset-conn and http-resp-403 are mutually exclusive **http-resp-200** **Description** Send HTTP response with status code 200 OK **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** http-resp-200http-redirect, reset-conn and http-resp-403 are mutually exclusive **http-resp-403** **Description** Send HTTP response with status code 403 Forbidden (default) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** http-resp-403http-redirect, http-resp-200 and reset-conn are mutually exclusive **json-format-check** **Description** Check HTTP body for JSON format compliance **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **keep-end** **Description** Number of unmasked characters at the end (default: 0) **Type:** number **Range:** 0-65535 **keep-start** **Description** Number of unmasked characters at the beginning (default: 0) **Type:** number **Range:** 0-65535 **lifetime** **Description** Session lifetime in minutes (default 10) **Type:** number **Range:** 1-1440 **log-succ-reqs** **Description** Log successful waf requests **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **logging** **Description** Logging template (Logging Config name) **Type:** string **Format:** string-rlx **Maximum Length:** 128 characters **Maximum Length:** 1 characters **Reference Object:** :doc:`/axapi/v3/slb/template/logging ` **mask** **Description** Character to mask the matched pattern (default: X) **Type:** string **Format:** string-rlx **Maximum Length:** 1 characters **Maximum Length:** 1 characters **max-array-value-count** **Description** Maximum number of values in an array in a JSON request body (default 256) (Maximum number of values in a JSON array (default 256)) **Type:** number **Range:** 0-4096 **Default:** 256 **max-attr** **Description** Maximum number of attributes of an XML element (default 256) **Type:** number **Range:** 0-256 **Default:** 256 **max-attr-name-len** **Description** Maximum length of an attribute name (default 128) **Type:** number **Range:** 0-2048 **Default:** 128 **max-attr-value-len** **Description** Maximum length of an attribute text value (default 128) **Type:** number **Range:** 0-4096 **Default:** 128 **max-cdata-len** **Description** Maximum length of an CDATA section of an element (default 65535) **Type:** number **Range:** 0-65535 **Default:** 65535 **max-cookie-len** **Description** Max Cookie length allowed in request (default 4096) (Maximum length of cookie allowed (default 4096)) **Type:** number **Range:** 0-65535 **Default:** 4096 **max-cookie-name-len** **Description** Max Cookie Name length allowed in request (default 64) ( Maximum length of cookie name allowed (default 64)) **Type:** number **Range:** 0-65535 **Default:** 64 **max-cookie-value-len** **Description** Max Cookie Value length allowed in request (default 4096) (Maximum length of cookie value allowed (default 4096)) **Type:** number **Range:** 0-65535 **Default:** 4096 **max-cookies** **Description** Maximum number of cookies allowed in request (default 20) **Type:** number **Range:** 0-1023 **Default:** 20 **max-cookies-len** **Description** Max Total Cookies length allowed in request (default 4096) (Maximum total length of cookies allowed (default 4096)) **Type:** number **Range:** 0-65535 **Default:** 4096 **max-data-parse** **Description** Max data parsed for Web Application Firewall (default 65536) (Maximum data parsed for Web Application Firewall (default 65536)) **Type:** number **Range:** 0-262144 **Default:** 65536 **max-depth** **Description** Maximum recursion depth in a value in a JSON requesnt body (default 16) (Maximum recursion depth in a JSON value (default 16)) **Type:** number **Range:** 0-4096 **Default:** 16 **max-elem** **Description** Maximum number of XML elements (default 1024) **Type:** number **Range:** 0-8192 **Default:** 1024 **max-elem-child** **Description** Maximum number of children of an XML element (default 1024) **Type:** number **Range:** 0-4096 **Default:** 1024 **max-elem-depth** **Description** Maximum recursion level for element definition (default 256) **Type:** number **Range:** 0-4096 **Default:** 256 **max-elem-name-len** **Description** Maximum length for an element name (default 128) **Type:** number **Range:** 0-65535 **Default:** 128 **max-entities** **Description** Maximum number of MIME entities allowed in request (default 10) **Type:** number **Range:** 0-512 **Default:** 10 **max-entity-exp** **Description** Maximum number of entity expansions (default 1024) **Type:** number **Range:** 0-1024 **Default:** 1024 **max-entity-exp-depth** **Description** Maximum nested depth of entity expansion (default 32) **Type:** number **Range:** 0-32 **Default:** 32 **max-hdr-name-len** **Description** Max header name length allowed in request (default 63) (Maximum length of header name allowed (default 63)) **Type:** number **Range:** 0-63 **Default:** 63 **max-hdr-value-len** **Description** Max header value length allowed in request (default 4096) (Maximum length of header value allowed (default 4096)) **Type:** number **Range:** 0-65535 **Default:** 4096 **max-hdrs** **Description** Maximum number of headers allowed in request (default 20) **Type:** number **Range:** 0-255 **Default:** 20 **max-hdrs-len** **Description** Max headers length allowed in request (default 4096) (Maximum length of headers allowed (default 4096)) **Type:** number **Range:** 0-65535 **Default:** 4096 **max-line-len** **Description** Max Line length allowed in request (default 1024) (Maximum length of Request line allowed (default 1024)) **Type:** number **Range:** 0-16127 **Default:** 1024 **max-namespace** **Description** Maximum number of namespace declarations (default 16) **Type:** number **Range:** 0-256 **Default:** 16 **max-namespace-uri-len** **Description** Maximum length of a namespace URI (default 256) **Type:** number **Range:** 0-1024 **Default:** 256 **max-object-member-count** **Description** Maximum number of members in an object in a JSON request body (default 256) (Maximum number of members in a JSON object (default 256)) **Type:** number **Range:** 0-4096 **Default:** 256 **max-parameter-name-len** **Description** Max HTML parameter name length in an HTTP request (default 256) (Maximum HTML parameter name length in an HTTP request (default 256)) **Type:** number **Range:** 0-1024 **Default:** 256 **max-parameter-total-len** **Description** Max HTML parameter total length in an HTTP request (default 4096) (Maximum HTML parameter total length in an HTTP request (default 4096)) **Type:** number **Range:** 0-102400000 **Default:** 4096 **max-parameter-value-len** **Description** Max HTML parameter value length in an HTTP request (default 4096) (Maximum HTML parameter value in an HTTP request (default 4096)) **Type:** number **Range:** 0-102400000 **Default:** 4096 **max-parameters** **Description** Maximum number of HTML parameters allowed in request (default 64) **Type:** number **Range:** 0-1024 **Default:** 64 **max-post-size** **Description** Max content length allowed in POST request (default 20480) (Maximum size allowed content in an HTTP POST request (default 20480)) **Type:** number **Range:** 0-2147483647 **Default:** 20480 **max-query-len** **Description** Max Query length allowed in request (default 1024) (Maximum length of Request query allowed (default 1024)) **Type:** number **Range:** 0-16127 **Default:** 1024 **max-string** **Description** Maximum length of a string in a JSON request body (default 64) (Maximum length of a JSON string (default 64)) **Type:** number **Range:** 0-4096 **Default:** 64 **max-url-len** **Description** Max URL length allowed in request (default 1024) (Maximum length of URL allowed (default 1024)) **Type:** number **Range:** 0-16127 **Default:** 1024 **name** **Description** WAF Template Name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **pcre-mask** **Description** Mask matched PCRE pattern in response **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **pcre-match-limit** **Description** Maximum number of matches allowed (default 30000) **Type:** number **Range:** 1000-1500000 **Default:** 30000 **pcre-match-recursion-limit** **Description** Maximum levels of recursive allowed (default 5000) **Type:** number **Range:** 100-150000 **Default:** 5000 **redirect-wlist** **Description** Check Redirect URL against list of previously learned redirects **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **referer-check** **Description** Check referer to protect against CSRF attacks **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **referer-domain-list** **Description** List of referer domains allowed **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Mutual Exclusion:** referer-domain-list and referer-domain-list-only are mutually exclusive **referer-domain-list-only** **Description** List of referer domains allowed **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **Mutual Exclusion:** referer-domain-list-only and referer-domain-list are mutually exclusive **referer-safe-url** **Description** Safe URL to redirect to if referer is missing **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **remove-comments** **Description** Remove comments from internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **remove-selfref** **Description** Remove self-references such as /./ and /path/../ from internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **remove-spaces** **Description** Remove spaces from internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **reset-conn** **Description** Reset the client connection **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** reset-connhttp-redirect, http-resp-200 and http-resp-403 are mutually exclusive **resp-url-200** **Description** Response content to send client when denying request **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **resp-url-403** **Description** Response content to send client when denying request **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **secret-encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **session-check** **Description** Enable session checking via session cookie **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **soap-format-check** **Description** Check XML document for SOAP format compliance **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **sqlia-check** **Description** 'reject': Reject requests with SQLIA patterns; 'sanitize': Remove bad SQL from request; **Type:** string **Supported Values:** reject, sanitize **sqlia-check-policy-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **ssn-mask** **Description** Mask US Social Security numbers in response **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **uri-blist-check** **Description** specify name of WAF policy list file to blacklist **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **uri-wlist-check** **Description** specify name of WAF policy list file to whitelist **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **url-check** **Description** Check URL against list of previously learned URLs **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **waf-blist-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **waf-wlist-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters **wsdl-file** **Description** Specify name of WSDL file for verifying XML body contents **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** wsdl-file and wsdl-resp-val-file are mutually exclusive **wsdl-resp-val-file** **Description** Specify name of WSDL file for verifying XML body contents **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** wsdl-resp-val-file and wsdl-file are mutually exclusive **xml-format-check** **Description** Check HTTP body for XML format compliance **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **xml-schema-file** **Description** Specify name of XML-Schema file for verifying XML body contents **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** xml-schema-file and xml-schema-resp-val-file are mutually exclusive **xml-schema-resp-val-file** **Description** Specify name of XML-Schema file for verifying XML body contents **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** xml-schema-resp-val-file and xml-schema-file are mutually exclusive **xml-sqlia-check** **Description** Check XML data against SQLIA policy **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **xml-xss-check** **Description** Check XML data against XSS policy **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **xss-check** **Description** 'reject': Reject requests with bad cookies; 'sanitize': Remove bad cookies from request; **Type:** string **Supported Values:** reject, sanitize **xss-check-policy-file** **Description** Name of WAF policy list file **Type:** string **Maximum Length:** 128 characters **Maximum Length:** 1 characters .. _1834_stats_data: stats data ---------- .. list-table:: :widths: 10 20 30 80 :header-rows: 2 :stub-columns: 1 * - - Counter - Size - Description * - - - - * - - redirect_wlist_fail - 2 - Redirect Whitelist Failure * - - cookie_encrypt_limit_exceeded - 2 - Cookie Encrypt Limit Exceeded * - - wsdl_succ - 2 - WSDL Success * - - sqlia_chk_url_succ - 2 - SQLIA Check URL Success * - - bot_check_succ - 2 - Botnet Check Success * - - sessions_alloc - 2 - Sessions allocated * - - buf_ovf_cookie_name_len_fail - 2 - Buffer Overflow - Cookie Name Length Failure * - - redirect_wlist_learn - 2 - Redirect Whitelist Learn * - - xml_limit_elem_child - 2 - XML Limit Element Child * - - buf_ovf_parameter_value_len_fail - 2 - Buffer Overflow - HTML Parameter Value Length Failure * - - ccn_mask_visa - 2 - Credit Card Number Mask Visa * - - xss_chk_cookie_succ - 2 - XSS Check Cookie Success * - - buf_ovf_cookies_len_fail - 2 - Buffer Overflow - Cookies Length Failure * - - redirect_wlist_succ - 2 - Redirect Whitelist Success * - - json_check_failure - 2 - JSON Check Failure * - - xss_chk_post_reject - 2 - XSS Check Post Rejected * - - xss_chk_url_reject - 2 - XSS Check URL Rejected * - - form_consistency_succ - 2 - Form Consistency Success * - - xml_limit_cdata_len - 2 - XML Limit CData Length * - - xml_check_failure - 2 - XML Check Failure * - - num_resets - 2 - Number Resets * - - referer_check_succ - 2 - Referer Check Success * - - sqlia_chk_post_succ - 2 - SQLIA Check Post Success * - - xss_chk_url_sanitize - 2 - XSS Check URL Sanitized * - - cookie_encrypt_succ - 2 - Cookie Encrypt Success * - - buf_ovf_parameter_total_len_fail - 2 - Buffer Overflow - HTML Parameter Total Length Failure * - - soap_check_succ - 2 - Soap Check Success * - - sessions_freed - 2 - Sessions freed * - - max_cookies_fail - 2 - Max Cookies Failure * - - json_limit_array_value_count - 2 - JSON Limit Array Value Count * - - xml_limit_entity_exp_depth - 2 - XML Limit Entity Exp Depth * - - json_check_succ - 2 - JSON Check Success * - - resp_code_hidden - 2 - Response Code Hidden * - - xml_sqlia_chk_fail - 2 - XML Sqlia Check Failure * - - xss_chk_post_succ - 2 - XSS Check Post Success * - - form_consistency_fail - 2 - Form Consistency Failure * - - http_check_fail - 2 - Http Check Failure * - - url_check_succ - 2 - URL Check Success * - - sqlia_chk_url_sanitize - 2 - SQLIA Check URL Sanitized * - - xss_chk_cookie_reject - 2 - XSS Check Cookie Rejected * - - brute_force_success - 2 - Brute-force checks passed * - - max_entities_fail - 2 - Max Entities Failure * - - xml_limit_attr - 2 - XML Limit Attribue * - - http_method_check_fail - 2 - Http Method Check Failure * - - form_non_ssl_reject - 2 - Form Non SSL Rejected * - - xss_chk_post_sanitize - 2 - XSS Check Post Sanitized * - - form_set_no_cache - 2 - Form Set No Cache * - - xml_schema_succ - 2 - XML Schema Success * - - sqlia_chk_url_reject - 2 - SQLIA Check URL Rejected * - - xml_check_succ - 2 - XML Check Success * - - sess_check_none - 2 - Session Check None * - - xml_limit_namespace - 2 - XML Limit Namespace * - - wsdl_fail - 2 - WSDL Failure * - - post_form_check_succ - 2 - Post Form Check Success * - - buf_ovf_query_len_fail - 2 - Buffer Overflow - Query Length Failure * - - sqlia_chk_post_reject - 2 - SQLIA Check Post Rejected * - - form_password_autocomplete - 2 - Form Password Autocomplete * - - permitted - 2 - Honor threshold count * - - xml_xss_chk_fail - 2 - XML XSS Check Failure * - - buf_ovf_url_len_fail - 2 - Buffer Overflow - URL Length Failure * - - buf_ovf_cookie_len_fail - 2 - Buffer Overflow - Cookie Length Failure * - - challenge_javascript_sent - 2 - JavaScript challenge sent * - - form_csrf_tag_succ - 2 - Form CSRF tag Success * - - xss_chk_cookie_sanitize - 2 - XSS Check Cookie Sanitized * - - xml_limit_entity_exp - 2 - XML Limit Entity Exp * - - ccn_mask_diners - 2 - Credit Card Number Mask Diners * - - sess_check_succ - 2 - Session Check Success * - - json_limit_depth - 2 - JSON Limit Depth * - - cookie_encrypt_skip_rcache - 2 - Cookie Encrypt Skip RCache * - - learn_updates - 2 - Learning Updates * - - req_denied - 2 - Requests Denied * - - http_check_succ - 2 - Http Check Success * - - req_allowed - 2 - Requests Allowed * - - json_limit_object_member_count - 2 - JSON Limit Object Number Count * - - bot_check_fail - 2 - Botnet Check Failure * - - uri_wlist_fail - 2 - URI White List Failure * - - uri_blist_fail - 2 - URI Black List Failure * - - xml_limit_namespace_uri_len - 2 - XML Limit Namespace URI Length * - - challenge_cookie_sent - 2 - Cookie challenge sent * - - sqlia_chk_post_sanitize - 2 - SQLIA Check Post Sanitized * - - ccn_mask_amex - 2 - Credit Card Number Mask Amex * - - num_drops - 2 - Number Drops * - - referer_check_fail - 2 - Referer Check Failure * - - post_form_check_sanitize - 2 - Post Form Check Sanitized * - - cookie_decrypt_succ - 2 - Cookie Decrypt Success * - - max_parameters_fail - 2 - Max Parameters Failure * - - url_check_fail - 2 - URL Check Failure * - - xml_schema_fail - 2 - XML Schema Failure * - - form_non_post_reject - 2 - Form Non Post Rejected * - - buf_ovf_hdrs_len_fail - 2 - Buffer Overflow - Headers length Failure * - - uri_wlist_succ - 2 - URI White List Success * - - form_non_masked_password - 2 - Form Non Masked Password * - - buf_ovf_line_len_fail - 2 - Buffer Overflow - Line Length Failure * - - ccn_mask_discover - 2 - Credit Card Number Mask Discover * - - ssn_mask - 2 - Social Security Number Mask * - - json_limit_string - 2 - JSON Limit String * - - resp_hdrs_filtered - 2 - Response Headers Filtered * - - called - 2 - Threshold check count * - - ccn_mask_mastercard - 2 - Credit Card Number Mask Mastercard * - - xml_sqlia_chk_succ - 2 - XML Sqlia Check Success * - - brute_force_fail - 2 - Brute-force checks failed * - - max_hdrs_fail - 2 - Max Headers Failure * - - xml_limit_attr_name_len - 2 - XML Limit Name Length * - - form_non_ssl_password - 2 - Form Non SSL Password * - - too_many_sessions - 2 - Too many sessions consumed * - - buf_ovf_hdr_value_len_fail - 2 - Buffer Overflow - Header Value Length Failure * - - uri_blist_succ - 2 - URI Black List Success * - - sess_check_fail - 2 - Session Check Failure * - - buf_ovf_hdr_name_len_fail - 2 - Buffer Overflow - Header Name Length Failure * - - resp_denied - 2 - Responses Denied * - - pcre_mask - 2 - PCRE Mask * - - out_of_sessions - 2 - Out of sessions * - - xml_limit_elem - 2 - XML Limit Element * - - buf_ovf_parameter_name_len_fail - 2 - Buffer Overflow - HTML Parameter Name Length Failure * - - xml_limit_attr_value_len - 2 - XML Limit Value Length * - - xml_limit_elem_depth - 2 - XML Limit Element Depth * - - ccn_mask_jcb - 2 - Credit Card Number Mask Jcb * - - cookie_decrypt_fail - 2 - Cookie Decrypt Failure * - - buf_ovf_cookie_value_len_fail - 2 - Buffer Overflow - Cookie Value Length Failure * - - buf_ovf_max_data_parse_fail - 2 - Buffer Overflow - Max Data Parse Failure * - - total_req - 2 - Total Requests * - - xml_limit_elem_name_len - 2 - XML Limit Element Name Length * - - url_check_learn - 2 - URL Check Learn * - - http_method_check_succ - 2 - Http Method Check Success * - - xss_chk_url_succ - 2 - XSS Check URL Success * - - referer_check_redirect - 2 - Referer Check Redirect * - - post_form_check_reject - 2 - Post Form Check Rejected * - - cookie_encrypt_fail - 2 - Cookie Encrypt Failure * - - soap_check_failure - 2 - Soap Check Failure * - - challenge_captcha_sent - 2 - Captcha challenge sent * - - form_csrf_tag_fail - 2 - Form CSRF tag Failure * - - xml_xss_chk_succ - 2 - XML XSS Check Success * - - buf_ovf_post_size_fail - 2 - Buffer Overflow - Post size Failure