waf global¶
WAF global stats
global Specification¶
Type Configuration Resource Element Name global Element URI /axapi/v3/waf/global Element Attributes global_attributes Statistics Data URI /axapi/v3/waf/global/stats Schema global schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/waf/global | ||
Get Object | GET | /axapi/v3/waf/global | ||
Modify Object | POST | /axapi/v3/waf/global | ||
Replace Object | PUT | /axapi/v3/waf/global | ||
Delete Object | DELETE | /axapi/v3/waf/global |
global attributes¶
immediate-action
Description Disable the violation aggregation, take action on first violation
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘total_req’: Total Requests; ‘req_allowed’: Requests Allowed; ‘req_denied’: Requests Denied; ‘resp_denied’: Responses Denied; ‘brute_force_success’: Brute-Force checks passed; ‘brute_force_violation’: Brute-Force checks violation; ‘brute_force_challenge_cookie_sent’: Cookie Challenge Sent; ‘brute_force_challenge_cookie_success’: Cookie Challenge check passed; ‘brute_force_challenge_cookie_violation’: Cookie challenge violation; ‘brute_force_challenge_javascript_sent’: JavaScript challenge sent; ‘brute_force_challenge_javascript_success’: JavaScript challenge check passed; ‘brute_force_challenge_javascript_violation’: JavaScript challenge violation; ‘brute_force_challenge_captcha_sent’: Captcha challenge sent; ‘brute_force_challenge_captcha_success’: Captcha challenge check passed; ‘brute_force_challenge_captcha_violation’: Captcha challenge violation; ‘brute_force_lockout_limit_success’: Lockout limit check passed; ‘brute_force_lockout_limit_violation’: Lockout limit violation; ‘brute_force_challenge_limit_success’: Lockout limit check passed; ‘brute_force_challenge_limit_violation’: Lockout limit violation; ‘brute_force_response_codes_triggered’: Response Codes Triggered; ‘brute_force_response_headers_triggered’: Brute Force Response Headers Triggered; ‘brute_force_response_string_triggered’: Brute Force Response string Triggered; ‘cookie_security_encrypt_success’: Cookie Security - encrypt successful; ‘cookie_security_encrypt_violation’: Cookie Security - encrypt violation; ‘cookie_security_encrypt_limit_exceeded’: Cookie Security - encrypt limit exceeded; ‘cookie_security_encrypt_skip_rcache’: Cookie Security - encrypt skipped - RAM cache; ‘cookie_security_decrypt_success’: Cookie Security - decrypt successful; ‘cookie_security_decrypt_violation’: Cookie Security - decrypt violation; ‘cookie_security_sign_success’: Cookie Security - signing successful; ‘cookie_security_sign_violation’: Cookie Security - signing violation; ‘cookie_security_sign_limit_exceeded’: Cookie Security - signing limit exceeded; ‘cookie_security_sign_skip_rcache’: Cookie Security - signing skipped - RAM cache; ‘cookie_security_signature_check_success’: Cookie Security - signature check successful; ‘cookie_security_signature_check_violation’: Cookie Security - signature check failed; ‘cookie_security_add_http_only_success’: Cookie Security - http-only flag added successfully; ‘cookie_security_add_http_only_violation’: Cookie Security - http-only flag violation; ‘cookie_security_add_secure_success’: Cookie Security - secure flag added successfully; ‘cookie_security_add_secure_violation’: Cookie Security - secure flag violation; ‘cookie_security_missing_cookie_success’: Cookie Security - request with missing cookie; ‘cookie_security_missing_cookie_violation’: Cookie Security - missing cookie violation; ‘cookie_security_unrecognized_cookie_success’: Cookie Security - request with unrecognized cookie; ‘cookie_security_unrecognized_cookie_violation’: Cookie Security - unrecognized cookie violation; ‘cookie_security_cookie_policy_success’: Cookie Security - cookie policy passed; ‘cookie_security_cookie_policy_violation’: Cookie Security - cookie policy violation; ‘cookie_security_persistent_cookies’: Cookie Security - persistent cookies; ‘cookie_security_persistent_cookies_encrypted’: Cookie Security - encrypted persistent cookies; ‘cookie_security_persistent_cookies_signed’: Cookie Security - signed persistent cookies; ‘cookie_security_session_cookies’: Cookie Security - session cookies; ‘cookie_security_session_cookies_encrypted’: Cookie Security - encrypted session cookies; ‘cookie_security_session_cookies_signed’: Cookie Security - signed session cookies; ‘cookie_security_allowed_session_cookies’: Cookie Security - allowed session cookies; ‘cookie_security_allowed_persistent_cookies’: Cookie Security - allowed persistent cookies; ‘cookie_security_disallowed_session_cookies’: Cookie Security - disallowed session cookies; ‘cookie_security_disallowed_persistent_cookies’: Cookie Security - disallowed persistent cookies; ‘cookie_security_allowed_session_set_cookies’: Cookie Security - allowed session Set-Cookies; ‘cookie_security_allowed_persistent_set_cookies’: Cookie Security - allowed persistent Set-Cookies; ‘cookie_security_disallowed_session_set_cookies’: Cookie Security - disallowed session Set-Cookies; ‘cookie_security_disallowed_persistent_set_cookies’: Cookie Security - disallowed persistent Set-Cookies; ‘csp_header_violation’: CSP header_missing; ‘csp_header_success’: CSP header found; ‘csp_header_inserted’: CSP header Inserted; ‘form_csrf_tag_success’: Form CSRF tag passed; ‘form_csrf_tag_violation’: Form CSRF tag violation; ‘form_consistency_success’: Form Consistency passed; ‘form_consistency_violation’: Form Consistency violation; ‘form_tag_inserted’: Form A10 Tag Inserted; ‘form_non_ssl_success’: Form Non SSL check passed; ‘form_non_ssl_violation’: Form Non SSL violation; ‘form_request_non_post_success’: Form Method being Non Post in Request passed; ‘form_request_non_post_violation’: Form Method being Non Post in Request violation; ‘form_check_success’: Post Form Check passed; ‘form_check_violation’: Post Form Check violation; ‘form_check_sanitize’: Post Form Check Sanitized; ‘form_non_masked_password_success’: Form Non Masked Password check passed; ‘form_non_masked_password_violation’: Form Non Masked Password violation; ‘form_non_ssl_password_success’: Form Non SSL Password check passed; ‘form_non_ssl_password_violation’: Form Non SSL Password violation; ‘form_password_autocomplete_success’: Form Password Autocomplete check passed; ‘form_password_autocomplete_violation’: Form Password Autocomplete violation; ‘form_set_no_cache_success’: Form Set No Cache check passed; ‘form_set_no_cache’: Form Set No Cache violation; ‘dlp_ccn_success’: Credit Card Number check passed; ‘dlp_ccn_amex_violation’: Amex Credit Card Number Detected; ‘dlp_ccn_amex_masked’: Amex Credit Card Number Masked; ‘dlp_ccn_diners_violation’: Diners Club Credit Card Number Detected; ‘dlp_ccn_diners_masked’: Diners Club Credit Card Number Masked; ‘dlp_ccn_visa_violation’: Visa Credit Card Number Detected; ‘dlp_ccn_visa_masked’: Visa Credit Card Number Masked; ‘dlp_ccn_mastercard_violation’: MasterCard Credit Card Number Detected; ‘dlp_ccn_mastercard_masked’: MasterCard Credit Card Number Masked; ‘dlp_ccn_discover_violation’: Discover Credit Card Number Detected; ‘dlp_ccn_discover_masked’: Discover Credit Card Number Masked; ‘dlp_ccn_jcb_violation’: JCB Credit Card Number Detected; ‘dlp_ccn_jcb_masked’: JCB Credit Card Number Masked; ‘dlp_ssn_success’: Social Security Number Mask check passed; ‘dlp_ssn_violation’: Social Security Number Mask violation; ‘dlp_pcre_success’: PCRE Mask check passed; ‘dlp_pcre_violation’: PCRE Mask violation; ‘dlp_pcre_masked’: PCRE Mask violation; ‘evasion_check_apache_whitespace_success’: Apache Whitespace check passed; ‘evasion_check_apache_whitespace_violation’: Apache Whitespace check violation; ‘evasion_check_decode_entities_success’: Decode Entities check passed; ‘evasion_check_decode_entities_violation’: Decode Entities check violation; ‘evasion_check_decode_escaped_chars_success’: Decode Escaped Chars check passed; ‘evasion_check_decode_escaped_chars_violation’: Decode Escaped Chars check violation; ‘evasion_check_decode_unicode_chars_success’: Decode Unicode Chars check passed; ‘evasion_check_decode_unicode_chars_violation’: Decode Unicode Chars check violation; ‘evasion_check_dir_traversal_success’: Dir traversal check passed; ‘evasion_check_dir_traversal_violation’: Dir traversal check violation;
Type: string
Supported Values: all, total_req, req_allowed, req_denied, resp_denied, brute_force_success, brute_force_violation, brute_force_challenge_cookie_sent, brute_force_challenge_cookie_success, brute_force_challenge_cookie_violation, brute_force_challenge_javascript_sent, brute_force_challenge_javascript_success, brute_force_challenge_javascript_violation, brute_force_challenge_captcha_sent, brute_force_challenge_captcha_success, brute_force_challenge_captcha_violation, brute_force_lockout_limit_success, brute_force_lockout_limit_violation, brute_force_challenge_limit_success, brute_force_challenge_limit_violation, brute_force_response_codes_triggered, brute_force_response_headers_triggered, brute_force_response_string_triggered, cookie_security_encrypt_success, cookie_security_encrypt_violation, cookie_security_encrypt_limit_exceeded, cookie_security_encrypt_skip_rcache, cookie_security_decrypt_success, cookie_security_decrypt_violation, cookie_security_sign_success, cookie_security_sign_violation, cookie_security_sign_limit_exceeded, cookie_security_sign_skip_rcache, cookie_security_signature_check_success, cookie_security_signature_check_violation, cookie_security_add_http_only_success, cookie_security_add_http_only_violation, cookie_security_add_secure_success, cookie_security_add_secure_violation, cookie_security_missing_cookie_success, cookie_security_missing_cookie_violation, cookie_security_unrecognized_cookie_success, cookie_security_unrecognized_cookie_violation, cookie_security_cookie_policy_success, cookie_security_cookie_policy_violation, cookie_security_persistent_cookies, cookie_security_persistent_cookies_encrypted, cookie_security_persistent_cookies_signed, cookie_security_session_cookies, cookie_security_session_cookies_encrypted, cookie_security_session_cookies_signed, cookie_security_allowed_session_cookies, cookie_security_allowed_persistent_cookies, cookie_security_disallowed_session_cookies, cookie_security_disallowed_persistent_cookies, cookie_security_allowed_session_set_cookies, cookie_security_allowed_persistent_set_cookies, cookie_security_disallowed_session_set_cookies, cookie_security_disallowed_persistent_set_cookies, csp_header_violation, csp_header_success, csp_header_inserted, form_csrf_tag_success, form_csrf_tag_violation, form_consistency_success, form_consistency_violation, form_tag_inserted, form_non_ssl_success, form_non_ssl_violation, form_request_non_post_success, form_request_non_post_violation, form_check_success, form_check_violation, form_check_sanitize, form_non_masked_password_success, form_non_masked_password_violation, form_non_ssl_password_success, form_non_ssl_password_violation, form_password_autocomplete_success, form_password_autocomplete_violation, form_set_no_cache_success, form_set_no_cache, dlp_ccn_success, dlp_ccn_amex_violation, dlp_ccn_amex_masked, dlp_ccn_diners_violation, dlp_ccn_diners_masked, dlp_ccn_visa_violation, dlp_ccn_visa_masked, dlp_ccn_mastercard_violation, dlp_ccn_mastercard_masked, dlp_ccn_discover_violation, dlp_ccn_discover_masked, dlp_ccn_jcb_violation, dlp_ccn_jcb_masked, dlp_ssn_success, dlp_ssn_violation, dlp_pcre_success, dlp_pcre_violation, dlp_pcre_masked, evasion_check_apache_whitespace_success, evasion_check_apache_whitespace_violation, evasion_check_decode_entities_success, evasion_check_decode_entities_violation, evasion_check_decode_escaped_chars_success, evasion_check_decode_escaped_chars_violation, evasion_check_decode_unicode_chars_success, evasion_check_decode_unicode_chars_violation, evasion_check_dir_traversal_success, evasion_check_dir_traversal_violation
counters2
Description ‘evasion_check_high_ascii_bytes_success’: High Ascii Bytes check passed; ‘evasion_check_high_ascii_bytes_violation’: High Ascii Bytes check violation; ‘evasion_check_invalid_hex_encoding_success’: Invalid Hex Encoding check passed; ‘evasion_check_invalid_hex_encoding_violation’: Invalid Hex Encoding check violation; ‘evasion_check_multiple_encoding_levels_success’: Multiple Encoding Levels check passed; ‘evasion_check_multiple_encoding_levels_violation’: Multiple Encoding Levels check violation; ‘evasion_check_multiple_slashes_success’: Multiple Slashes check passed; ‘evasion_check_multiple_slashes_violation’: Multiple Slashes check violation; ‘evasion_check_max_levels_success’: Max Levels check passed; ‘evasion_check_max_levels_violation’: Max Levels check violation; ‘evasion_check_remove_comments_success’: Remove Comments check passed; ‘evasion_check_remove_comments_violation’: Remove Comments check violation; ‘evasion_check_remove_spaces_success’: Remove Spaces check passed; ‘evasion_check_remove_spaces_violation’: Remove Spaces check violation; ‘http_limit_max_content_length_success’: MAX content-length check passed; ‘http_limit_max_content_length_violation’: MAX content-length check violation; ‘http_limit_max_cookie_header_length_success’: MAX cookie header length check passed; ‘http_limit_max_cookie_header_length_violation’: MAX cookie header length violation; ‘http_limit_max_cookie_name_length_success’: MAX cookie name length check passed; ‘http_limit_max_cookie_name_length_violation’: MAX cookie name length violation; ‘http_limit_max_cookie_value_length_success’: MAX cookie value length check passed; ‘http_limit_max_cookie_value_length_violation’: MAX cookie value length violation; ‘http_limit_max_cookies_success’: Max Cookies check passed; ‘http_limit_max_cookies_violation’: Max Cookies violation; ‘http_limit_max_cookies_length_success’: MAX cookies length check passed; ‘http_limit_max_cookies_length_violation’: MAX cookies length violation; ‘http_limit_max_data_parse_success’: Buffer Overflow - Max Data Parse check passed; ‘http_limit_max_data_parse_violation’: Buffer Overflow - Max Data Parse violation; ‘http_limit_max_entities_success’: Max Entities check passed; ‘http_limit_max_entities_violation’: Max Entities violation; ‘http_limit_max_header_length_success’: MAX header length check passed; ‘http_limit_max_header_length_violation’: MAX header length check violation; ‘http_limit_max_header_name_length_success’: MAX header name length check passed; ‘http_limit_max_header_name_length_violation’: MAX header name length check violation; ‘http_limit_max_header_value_length_success’: MAX header value length check passed; ‘http_limit_max_header_value_length_violation’: MAX header value length check violation; ‘http_limit_max_headers_success’: MAX headers count check passed; ‘http_limit_max_headers_violation’: Max Headers violation; ‘http_limit_max_headers_length_success’: MAX headers length check passed; ‘http_limit_max_headers_length_violation’: MAX headers length check violation; ‘http_limit_max_param_name_length_success’: Limit check - MAX parameter name length check passed; ‘http_limit_max_param_name_length_violation’: Limit check - MAX parameter name length violation; ‘http_limit_max_param_value_length_success’: Limit check - MAX parameter value length check passed; ‘http_limit_max_param_value_length_violation’: Limit check - MAX parameter value length violation; ‘http_limit_max_params_success’: Limit check - MAX parameters check passed; ‘http_limit_max_params_violation’: Limit check - MAX parameters violation; ‘http_limit_max_params_length_success’: Limit check - MAX parameters total length check passed; ‘http_limit_max_params_length_violation’: Limit check - MAX parameters total length violation; ‘http_limit_max_post_length_success’: MAX POST length check passed; ‘http_limit_max_post_length_violation’: MAX POST length violation; ‘http_limit_max_query_length_success’: Limit check - MAX query length check passed; ‘http_limit_max_query_length_violation’: Limit check - MAX query length violation; ‘http_limit_max_request_length_success’: Limit check - MAX request length check passed; ‘http_limit_max_request_length_violation’: Limit check - MAX request length violation; ‘http_limit_max_request_line_length_success’: Limit check - MAX request line length check passed; ‘http_limit_max_request_line_length_violation’: Limit check - MAX request line length violation; ‘max_url_length_success’: Limit check - MAX URL length check passed; ‘max_url_length_violation’: Limit check - MAX URL length violation; ‘http_protocol_allowed_headers_success’: HTTP headers check passed; ‘http_protocol_allowed_headers_violation’: HTTP headers check violation; ‘http_protocol_allowed_versions_success’: HTTP versions check passed; ‘http_protocol_allowed_versions_violation’: HTTP versions check violation; ‘http_protocol_allowed_method_check_success’: HTTP Method Check passed; ‘http_protocol_allowed_method_check_violation’: HTTP Method Check violation; ‘http_protocol_bad_multipart_request_success’: Bad multi-part request check passed; ‘http_protocol_bad_multipart_request_violation’: Bad multi-part request check violation; ‘http_protocol_get_with_content_success’: GET with content check passed; ‘http_protocol_get_with_content_violation’: GET with content check violation; ‘http_protocol_head_with_content_success’: HEAD with content check passed; ‘http_protocol_head_with_content_violation’: HEAD with content check violation; ‘http_protocol_host_header_with_ip_success’: Host header with IP check passed; ‘http_protocol_host_header_with_ip_violation’: Host header with IP check violation; ‘http_protocol_invalid_url_encoding_success’: Invalid url encoding check passed; ‘http_protocol_invalid_url_encoding_violation’: Invalid url encoding check violation; ‘http_protocol_malformed_content_length_success’: Malformed content-length check passed; ‘http_protocol_malformed_content_length_violation’: Malformed content-length check violation; ‘http_protocol_malformed_header_success’: Malformed header check passed; ‘http_protocol_malformed_header_violation’: Malformed header check passed; ‘http_protocol_malformed_parameter_success’: Malformed parameter check passed; ‘http_protocol_malformed_parameter_violation’: Malformed parameter check violation; ‘http_protocol_malformed_request_success’: Malformed request check passed; ‘http_protocol_malformed_request_violation’: Malformed request check violation; ‘http_protocol_malformed_request_line_success’: Malformed request line check passed; ‘http_protocol_malformed_request_line_violation’: Malformed request line check violation; ‘http_protocol_missing_header_value_success’: Missing header value check violation; ‘http_protocol_missing_header_value_violation’: Missing header value check violation; ‘http_protocol_missing_host_header_success’: Missing host header check passed; ‘http_protocol_missing_host_header_violation’: Missing host header check violation; ‘http_protocol_multiple_content_length_success’: Multiple content-length headers check passed; ‘http_protocol_multiple_content_length_violation’: Multiple content-length headers check violation; ‘http_protocol_post_with_0_content_success’: POST with 0 content check passed; ‘http_protocol_post_with_0_content_violation’: POST with 0 content check violation; ‘http_protocol_post_without_content_success’: POST without content check passed; ‘http_protocol_post_without_content_violation’: POST without content check violation; ‘http_protocol_success’: HTTP Check passed; ‘http_protocol_violation’: HTTP Check violation; ‘json_check_format_success’: JSON Check passed;
Type: string
Supported Values: evasion_check_high_ascii_bytes_success, evasion_check_high_ascii_bytes_violation, evasion_check_invalid_hex_encoding_success, evasion_check_invalid_hex_encoding_violation, evasion_check_multiple_encoding_levels_success, evasion_check_multiple_encoding_levels_violation, evasion_check_multiple_slashes_success, evasion_check_multiple_slashes_violation, evasion_check_max_levels_success, evasion_check_max_levels_violation, evasion_check_remove_comments_success, evasion_check_remove_comments_violation, evasion_check_remove_spaces_success, evasion_check_remove_spaces_violation, http_limit_max_content_length_success, http_limit_max_content_length_violation, http_limit_max_cookie_header_length_success, http_limit_max_cookie_header_length_violation, http_limit_max_cookie_name_length_success, http_limit_max_cookie_name_length_violation, http_limit_max_cookie_value_length_success, http_limit_max_cookie_value_length_violation, http_limit_max_cookies_success, http_limit_max_cookies_violation, http_limit_max_cookies_length_success, http_limit_max_cookies_length_violation, http_limit_max_data_parse_success, http_limit_max_data_parse_violation, http_limit_max_entities_success, http_limit_max_entities_violation, http_limit_max_header_length_success, http_limit_max_header_length_violation, http_limit_max_header_name_length_success, http_limit_max_header_name_length_violation, http_limit_max_header_value_length_success, http_limit_max_header_value_length_violation, http_limit_max_headers_success, http_limit_max_headers_violation, http_limit_max_headers_length_success, http_limit_max_headers_length_violation, http_limit_max_param_name_length_success, http_limit_max_param_name_length_violation, http_limit_max_param_value_length_success, http_limit_max_param_value_length_violation, http_limit_max_params_success, http_limit_max_params_violation, http_limit_max_params_length_success, http_limit_max_params_length_violation, http_limit_max_post_length_success, http_limit_max_post_length_violation, http_limit_max_query_length_success, http_limit_max_query_length_violation, http_limit_max_request_length_success, http_limit_max_request_length_violation, http_limit_max_request_line_length_success, http_limit_max_request_line_length_violation, max_url_length_success, max_url_length_violation, http_protocol_allowed_headers_success, http_protocol_allowed_headers_violation, http_protocol_allowed_versions_success, http_protocol_allowed_versions_violation, http_protocol_allowed_method_check_success, http_protocol_allowed_method_check_violation, http_protocol_bad_multipart_request_success, http_protocol_bad_multipart_request_violation, http_protocol_get_with_content_success, http_protocol_get_with_content_violation, http_protocol_head_with_content_success, http_protocol_head_with_content_violation, http_protocol_host_header_with_ip_success, http_protocol_host_header_with_ip_violation, http_protocol_invalid_url_encoding_success, http_protocol_invalid_url_encoding_violation, http_protocol_malformed_content_length_success, http_protocol_malformed_content_length_violation, http_protocol_malformed_header_success, http_protocol_malformed_header_violation, http_protocol_malformed_parameter_success, http_protocol_malformed_parameter_violation, http_protocol_malformed_request_success, http_protocol_malformed_request_violation, http_protocol_malformed_request_line_success, http_protocol_malformed_request_line_violation, http_protocol_missing_header_value_success, http_protocol_missing_header_value_violation, http_protocol_missing_host_header_success, http_protocol_missing_host_header_violation, http_protocol_multiple_content_length_success, http_protocol_multiple_content_length_violation, http_protocol_post_with_0_content_success, http_protocol_post_with_0_content_violation, http_protocol_post_without_content_success, http_protocol_post_without_content_violation, http_protocol_success, http_protocol_violation, json_check_format_success
counters3
Description ‘json_check_format_violation’: JSON Check violation; ‘json_check_max_array_value_count_success’: JSON Limit Array Value Count check passed; ‘json_check_max_array_value_count_violation’: JSON Limit Array Value Count violation; ‘json_check_max_depth_success’: JSON Limit Depth check passed; ‘json_check_max_depth_violation’: JSON Limit Depth violation; ‘json_check_max_object_member_count_success’: JSON Limit Object Number Count check passed; ‘json_check_max_object_member_count_violation’: JSON Limit Object Number Count violation; ‘json_check_max_string_success’: JSON Limit String check passed; ‘json_check_max_string_violation’: JSON Limit String violation; ‘request_check_bot_success’: Bot check passed; ‘request_check_bot_violation’: Bot check violation; ‘request_check_redirect_wlist_success’: Redirect Whitelist passed; ‘request_check_redirect_wlist_violation’: Redirect Whitelist violation; ‘request_check_redirect_wlist_learn’: Redirect Whitelist Learn; ‘request_check_referer_success’: Referer Check passed; ‘request_check_referer_violation’: Referer Check violation; ‘request_check_referer_redirect’: Referer Check Redirect; ‘request_check_session_check_none’: Session Created; ‘request_check_session_check_success’: Session Check passed; ‘request_check_session_check_violation’: Session Check violation; ‘request_check_sqlia_url_success’: SQLIA Check URL passed; ‘request_check_sqlia_url_violation’: SQLIA Check URL violation; ‘request_check_sqlia_url_sanitize’: SQLIA Check URL Sanitized; ‘request_check_sqlia_post_body_success’: SQLIA Check Post passed; ‘request_check_sqlia_post_body_violation’: SQLIA Check Post violation; ‘request_check_sqlia_post_body_sanitize’: SQLIA Check Post Sanitized; ‘request_check_url_list_success’: URL Check passed; ‘request_check_url_list_violation’: URL Check violation; ‘request_check_url_list_learn’: URL Check Learn; ‘request_check_url_whitelist_success’: URI White List passed; ‘request_check_url_whitelist_violation’: URI White List violation; ‘request_check_url_blacklist_success’: URI Black List passed; ‘request_check_url_blacklist_violation’: URI Black List violation; ‘request_check_xss_cookie_success’: XSS Check Cookie passed; ‘request_check_xss_cookie_violation’: XSS Check Cookie violation; ‘request_check_xss_cookie_sanitize’: XSS Check Cookie Sanitized; ‘request_check_xss_url_success’: XSS Check URL passed; ‘request_check_xss_url_violation’: XSS Check URL violation; ‘request_check_xss_url_sanitize’: XSS Check URL Sanitized; ‘request_check_xss_post_body_success’: XSS Check Post passed; ‘request_check_xss_post_body_violation’: XSS Check Post violation; ‘request_check_xss_post_body_sanitize’: XSS Check Post Sanitized; ‘response_cloaking_hide_status_code_success’: Response Hide Code check passed; ‘response_cloaking_hide_status_code_violation’: Response Hide Code violation; ‘response_cloaking_filter_headers_success’: Response Headers Filter check passed; ‘response_cloaking_filter_headers_violation’: Response Headers Filter violation; ‘soap_check_success’: Soap Check passed; ‘soap_check_violation’: Soap Check violation; ‘xml_check_format_success’: XML Check passed; ‘xml_check_format_violation’: XML Check violation; ‘xml_check_max_attr_success’: XML Limit Attribute check passed; ‘xml_check_max_attr_violation’: XML Limit Attribute violation; ‘xml_check_max_attr_name_len_success’: XML Limit Name Length check passed; ‘xml_check_max_attr_name_len_violation’: XML Limit Name Length violation; ‘xml_check_max_attr_value_len_success’: XML Limit Value Length check passed; ‘xml_check_max_attr_value_len_violation’: XML Limit Value Length violation; ‘xml_check_max_cdata_len_success’: XML Limit CData Length check passed; ‘xml_check_max_cdata_len_violation’: XML Limit CData Length violation; ‘xml_check_max_elem_success’: XML Limit Element check passed; ‘xml_check_max_elem_violation’: XML Limit Element violation; ‘xml_check_max_elem_child_success’: XML Limit Element Child check passed; ‘xml_check_max_elem_child_violation’: XML Limit Element Child violation; ‘xml_check_max_elem_depth_success’: XML Limit Element Depth check passed; ‘xml_check_max_elem_depth_violation’: XML Limit Element Depth violation; ‘xml_check_max_elem_name_len_success’: XML Limit Element Name Length check passed; ‘xml_check_max_elem_name_len_violation’: XML Limit Element Name Length violation; ‘xml_check_max_entity_exp_success’: XML Limit Entity Expansions check passed; ‘xml_check_max_entity_exp_violation’: XML Limit Entity Expansions violation; ‘xml_check_max_entity_exp_depth_success’: XML Limit Entities Depth check passed; ‘xml_check_max_entity_exp_depth_violation’: XML Limit Entities Depth violation; ‘xml_check_max_namespace_success’: XML Limit Namespace check passed; ‘xml_check_max_namespace_violation’: XML Limit Namespace violation; ‘xml_check_namespace_uri_len_success’: XML Limit Namespace URI Length check passed; ‘xml_check_namespace_uri_len_violation’: XML Limit Namespace URI Length violation; ‘xml_check_sqlia_success’: XML Sqlia Check passed; ‘xml_check_sqlia_violation’: XML Sqlia Check violation; ‘xml_check_xss_success’: XML XSS Check passed; ‘xml_check_xss_violation’: XML XSS Check violation; ‘xml_content_check_schema_success’: XML Schema passed; ‘xml_content_check_schema_violation’: XML Schema violation; ‘xml_content_check_wsdl_success’: WSDL passed; ‘xml_content_check_wsdl_violation’: WSDL violation; ‘learning_list_full’: Learning list is full; ‘action_allow’: Request Action allowed; ‘action_deny_200’: Request Deny with 200; ‘action_deny_403’: Request Deny with 403; ‘action_deny_redirect’: Request Deny with Redirect; ‘action_deny_reset’: Request Deny with Resets; ‘action_drop’: Number of Dropped Requests; ‘action_deny_custom_response’: Request Deny with custom response; ‘action_learn’: Request Learning Updates; ‘action_log’: Log request violation; ‘policy_limit_exceeded’: Policy limit exceeded; ‘sessions_alloc’: Sessions allocated; ‘sessions_freed’: Sessions freed; ‘out_of_sessions’: Out of sessions; ‘too_many_sessions’: Too many sessions consumed; ‘regex_violation’: Regular expression failure; ‘request_check_command_injection_cookies_success’: Command Injection Check cookies passed; ‘request_check_command_injection_cookies_violation’: Command Injection Check cookies violation; ‘request_check_command_injection_headers_success’: Command Injection Check headers passed; ‘request_check_command_injection_headers_violation’: Command Injection Check headers violation; ‘request_check_command_injection_uri_query_success’: Command Injection Check url query arguments passed; ‘request_check_command_injection_uri_query_violation’: Command Injection Check url query arguments violation; ‘request_check_command_injection_form_body_success’: Command Injection Check form body arguments passed; ‘request_check_command_injection_form_body_violation’: Command Injection Check form body arguments violation; ‘cookie_security_decrypt_in_grace_period_violation’: Cookie Decrypt violation but in grace period; ‘form_response_non_post_success’: Response form method was POST; ‘form_response_non_post_violation’: Response form method was not POST; ‘form_response_non_post_sanitize’: Changed response form method to POST; ‘xml_check_max_entity_decl_success’: XML Limit Entity Decl check passed; ‘xml_check_max_entity_decl_violation’: XML Limit Entity Decl violation; ‘xml_check_max_entity_depth_success’: XML Limit Entity Depth check passed; ‘xml_check_max_entity_depth_violation’: XML Limit Entity Depth violation; ‘action_response_allow’: Response Action allowed; ‘action_response_deny_200’: Response Deny with 200;
Type: string
Supported Values: json_check_format_violation, json_check_max_array_value_count_success, json_check_max_array_value_count_violation, json_check_max_depth_success, json_check_max_depth_violation, json_check_max_object_member_count_success, json_check_max_object_member_count_violation, json_check_max_string_success, json_check_max_string_violation, request_check_bot_success, request_check_bot_violation, request_check_redirect_wlist_success, request_check_redirect_wlist_violation, request_check_redirect_wlist_learn, request_check_referer_success, request_check_referer_violation, request_check_referer_redirect, request_check_session_check_none, request_check_session_check_success, request_check_session_check_violation, request_check_sqlia_url_success, request_check_sqlia_url_violation, request_check_sqlia_url_sanitize, request_check_sqlia_post_body_success, request_check_sqlia_post_body_violation, request_check_sqlia_post_body_sanitize, request_check_url_list_success, request_check_url_list_violation, request_check_url_list_learn, request_check_url_whitelist_success, request_check_url_whitelist_violation, request_check_url_blacklist_success, request_check_url_blacklist_violation, request_check_xss_cookie_success, request_check_xss_cookie_violation, request_check_xss_cookie_sanitize, request_check_xss_url_success, request_check_xss_url_violation, request_check_xss_url_sanitize, request_check_xss_post_body_success, request_check_xss_post_body_violation, request_check_xss_post_body_sanitize, response_cloaking_hide_status_code_success, response_cloaking_hide_status_code_violation, response_cloaking_filter_headers_success, response_cloaking_filter_headers_violation, soap_check_success, soap_check_violation, xml_check_format_success, xml_check_format_violation, xml_check_max_attr_success, xml_check_max_attr_violation, xml_check_max_attr_name_len_success, xml_check_max_attr_name_len_violation, xml_check_max_attr_value_len_success, xml_check_max_attr_value_len_violation, xml_check_max_cdata_len_success, xml_check_max_cdata_len_violation, xml_check_max_elem_success, xml_check_max_elem_violation, xml_check_max_elem_child_success, xml_check_max_elem_child_violation, xml_check_max_elem_depth_success, xml_check_max_elem_depth_violation, xml_check_max_elem_name_len_success, xml_check_max_elem_name_len_violation, xml_check_max_entity_exp_success, xml_check_max_entity_exp_violation, xml_check_max_entity_exp_depth_success, xml_check_max_entity_exp_depth_violation, xml_check_max_namespace_success, xml_check_max_namespace_violation, xml_check_namespace_uri_len_success, xml_check_namespace_uri_len_violation, xml_check_sqlia_success, xml_check_sqlia_violation, xml_check_xss_success, xml_check_xss_violation, xml_content_check_schema_success, xml_content_check_schema_violation, xml_content_check_wsdl_success, xml_content_check_wsdl_violation, learning_list_full, action_allow, action_deny_200, action_deny_403, action_deny_redirect, action_deny_reset, action_drop, action_deny_custom_response, action_learn, action_log, policy_limit_exceeded, sessions_alloc, sessions_freed, out_of_sessions, too_many_sessions, regex_violation, request_check_command_injection_cookies_success, request_check_command_injection_cookies_violation, request_check_command_injection_headers_success, request_check_command_injection_headers_violation, request_check_command_injection_uri_query_success, request_check_command_injection_uri_query_violation, request_check_command_injection_form_body_success, request_check_command_injection_form_body_violation, cookie_security_decrypt_in_grace_period_violation, form_response_non_post_success, form_response_non_post_violation, form_response_non_post_sanitize, xml_check_max_entity_decl_success, xml_check_max_entity_decl_violation, xml_check_max_entity_depth_success, xml_check_max_entity_depth_violation, action_response_allow, action_response_deny_200
counters4
Description ‘action_response_deny_403’: Response Deny with 403; ‘action_response_deny_redirect’: Response Deny with Redirect; ‘action_response_deny_reset’: Deny with Resets; ‘action_response_drop’: Number of Dropped Responses; ‘action_response_deny_custom_response’: Response Deny with custom response; ‘action_response_learn’: Response Learning Updates; ‘action_response_log’: Log response violation; ‘http_protocol_post_without_content_type_success’: POST without content type check passed; ‘http_protocol_post_without_content_type_violation’: POST without content type check violation; ‘http_protocol_body_without_content_type_success’: Body without content type check passed; ‘http_protocol_body_without_content_type_violation’: Body without content type check violation; ‘http_protocol_non_ssl_cookie_prefix_success’: Cookie Name Prefix check passed; ‘http_protocol_non_ssl_cookie_prefix_violation’: Cookie Name Prefix check violation; ‘cookie_security_add_samesite_success’: Cookie Security - samesite attribute added successfully; ‘cookie_security_add_samesite_violation’: Cookie Security - samesite attribute violation; ‘rule_set_request’: Requests hanlded by WAF rule set; ‘rule_set_response’: Responses hanlded by WAF rule set; ‘phase1_pass’: WAF rule set pass hits in phase 1; ‘phase1_allow’: WAF rule set allow hits in phase 1; ‘phase1_deny’: WAF rule set deny hits in phase 1; ‘phase1_drop’: WAF rule set drop hits in phase 1; ‘phase1_redirect’: WAF rule set redirect hits in phase 1; ‘phase1_other’: WAF rule set other hits in phase 1; ‘phase2_pass’: WAF rule set pass hits in phase 2; ‘phase2_allow’: WAF rule set allow hits in phase 2; ‘phase2_deny’: WAF rule set deny hits in phase 2; ‘phase2_drop’: WAF rule set drop hits in phase 2; ‘phase2_redirect’: WAF rule set redirect hits in phase 2; ‘phase2_other’: WAF rule set other hits in phase 2; ‘phase3_pass’: WAF rule set pass hits in phase 3; ‘phase3_allow’: WAF rule set allow hits in phase 3; ‘phase3_deny’: WAF rule set deny hits in phase 3; ‘phase3_drop’: WAF rule set drop hits in phase 3; ‘phase3_redirect’: WAF rule set redirect hits in phase 3; ‘phase3_other’: WAF rule set other hits in phase 3; ‘phase4_pass’: WAF rule set pass hits in phase 4; ‘phase4_allow’: WAF rule set allow hits in phase 4; ‘phase4_deny’: WAF rule set deny hits in phase 4; ‘phase4_drop’: WAF rule set drop hits in phase 4; ‘phase4_redirect’: WAF rule set redirect hits in phase 4; ‘phase4_other’: WAF rule set other hits in phase 4;
Type: string
Supported Values: action_response_deny_403, action_response_deny_redirect, action_response_deny_reset, action_response_drop, action_response_deny_custom_response, action_response_learn, action_response_log, http_protocol_post_without_content_type_success, http_protocol_post_without_content_type_violation, http_protocol_body_without_content_type_success, http_protocol_body_without_content_type_violation, http_protocol_non_ssl_cookie_prefix_success, http_protocol_non_ssl_cookie_prefix_violation, cookie_security_add_samesite_success, cookie_security_add_samesite_violation, rule_set_request, rule_set_response, phase1_pass, phase1_allow, phase1_deny, phase1_drop, phase1_redirect, phase1_other, phase2_pass, phase2_allow, phase2_deny, phase2_drop, phase2_redirect, phase2_other, phase3_pass, phase3_allow, phase3_deny, phase3_drop, phase3_redirect, phase3_other, phase4_pass, phase4_allow, phase4_deny, phase4_drop, phase4_redirect, phase4_other
stats data¶
| Counter | Size | Description | |
|---|---|---|---|
| response_cloaking_hide_status_code_success | 8 | Response Hide Code check passed | |
| http_limit_max_header_name_length_violation | 8 | MAX header name length check violation | |
| action_response_deny_custom_response | 8 | Response Deny with custom response | |
| dlp_ccn_mastercard_violation | 8 | MasterCard Credit Card Number Detected | |
| http_protocol_non_ssl_cookie_prefix_success | 8 | Cookie Name Prefix check passed | |
| request_check_url_blacklist_success | 8 | URI Black List passed | |
| http_limit_max_data_parse_violation | 8 | Buffer Overflow - Max Data Parse violation | |
| brute_force_challenge_cookie_violation | 8 | Cookie challenge violation | |
| evasion_check_remove_spaces_success | 8 | Remove Spaces check passed | |
| cookie_security_persistent_cookies | 8 | Cookie Security - persistent cookies | |
| form_non_masked_password_violation | 8 | Form Non Masked Password violation | |
| http_limit_max_cookies_length_violation | 8 | MAX cookies length violation | |
| request_check_command_injection_uri_query_success | 8 | Command Injection Check url query arguments passed | |
| form_response_non_post_violation | 8 | Response form method was not POST | |
| cookie_security_allowed_persistent_set_cookies | 8 | Cookie Security - allowed persistent Set-Cookies | |
| request_check_session_check_none | 8 | Session Created | |
| request_check_referer_redirect | 8 | Referer Check Redirect | |
| xml_check_max_cdata_len_violation | 8 | XML Limit CData Length violation | |
| evasion_check_high_ascii_bytes_violation | 8 | High Ascii Bytes check violation | |
| http_limit_max_param_value_length_violation | 8 | Limit check - MAX parameter value length violation | |
| request_check_url_list_learn | 8 | URL Check Learn | |
| request_check_xss_post_body_sanitize | 8 | XSS Check Post Sanitized | |
| form_check_sanitize | 8 | Post Form Check Sanitized | |
| brute_force_challenge_cookie_sent | 8 | Cookie Challenge Sent | |
| http_limit_max_post_length_violation | 8 | MAX POST length violation | |
| cookie_security_signature_check_violation | 8 | Cookie Security - signature check failed | |
| http_protocol_host_header_with_ip_violation | 8 | Host header with IP check violation | |
| json_check_max_depth_violation | 8 | JSON Limit Depth violation | |
| evasion_check_decode_entities_success | 8 | Decode Entities check passed | |
| xml_check_max_namespace_violation | 8 | XML Limit Namespace violation | |
| brute_force_response_string_triggered | 8 | Brute Force Response string Triggered | |
| action_learn | 8 | Request Learning Updates | |
| request_check_url_list_success | 8 | URL Check passed | |
| http_protocol_malformed_request_line_violation | 8 | Malformed request line check violation | |
| http_limit_max_params_length_success | 8 | Limit check - MAX parameters total length check passed | |
| resp_denied | 8 | Responses Denied | |
| request_check_sqlia_post_body_success | 8 | SQLIA Check Post passed | |
| cookie_security_decrypt_success | 8 | Cookie Security - decrypt successful | |
| http_limit_max_param_value_length_success | 8 | Limit check - MAX parameter value length check passed | |
| xml_check_max_attr_name_len_violation | 8 | XML Limit Name Length violation | |
| cookie_security_session_cookies | 8 | Cookie Security - session cookies | |
| request_check_sqlia_url_violation | 8 | SQLIA Check URL violation | |
| form_tag_inserted | 8 | Form A10 Tag Inserted | |
| max_url_length_success | 8 | Limit check - MAX URL length check passed | |
| brute_force_response_codes_triggered | 8 | Response Codes Triggered | |
| http_limit_max_cookies_success | 8 | Max Cookies check passed | |
| action_response_learn | 8 | Response Learning Updates | |
| http_limit_max_content_length_success | 8 | MAX content-length check passed | |
| cookie_security_sign_skip_rcache | 8 | Cookie Security - signing skipped - RAM cache | |
| xml_check_max_attr_value_len_violation | 8 | XML Limit Value Length violation | |
| http_protocol_post_with_0_content_violation | 8 | POST with 0 content check violation | |
| cookie_security_disallowed_persistent_cookies | 8 | Cookie Security - disallowed persistent cookies | |
| xml_content_check_schema_violation | 8 | XML Schema violation | |
| evasion_check_multiple_slashes_violation | 8 | Multiple Slashes check violation | |
| http_limit_max_request_length_success | 8 | Limit check - MAX request length check passed | |
| response_cloaking_filter_headers_violation | 8 | Response Headers Filter violation | |
| request_check_command_injection_uri_query_violation | 8 | Command Injection Check url query arguments violation | |
| csp_header_violation | 8 | CSP header_missing | |
| http_protocol_post_without_content_type_violation | 8 | POST without content type check violation | |
| http_limit_max_cookie_header_length_success | 8 | MAX cookie header length check passed | |
| http_protocol_post_without_content_success | 8 | POST without content check passed | |
| json_check_format_success | 8 | JSON Check passed | |
| xml_check_max_elem_success | 8 | XML Limit Element check passed | |
| xml_check_xss_success | 8 | XML XSS Check passed | |
| http_limit_max_headers_success | 8 | MAX headers count check passed | |
| request_check_url_whitelist_success | 8 | URI White List passed | |
| dlp_pcre_violation | 8 | PCRE Mask violation | |
| brute_force_success | 8 | Brute-Force checks passed | |
| cookie_security_decrypt_in_grace_period_violation | 8 | Cookie Decrypt violation but in grace period | |
| http_limit_max_cookie_name_length_violation | 8 | MAX cookie name length violation | |
| evasion_check_decode_escaped_chars_success | 8 | Decode Escaped Chars check passed | |
| dlp_ccn_discover_masked | 8 | Discover Credit Card Number Masked | |
| cookie_security_add_http_only_violation | 8 | Cookie Security - http-only flag violation | |
| request_check_xss_url_success | 8 | XSS Check URL passed | |
| xml_check_max_entity_exp_depth_violation | 8 | XML Limit Entities Depth violation | |
| http_protocol_post_without_content_type_success | 8 | POST without content type check passed | |
| action_deny_200 | 8 | Request Deny with 200 | |
| cookie_security_encrypt_limit_exceeded | 8 | Cookie Security - encrypt limit exceeded | |
| http_protocol_body_without_content_type_violation | 8 | Body without content type check violation | |
| xml_check_max_entity_exp_violation | 8 | XML Limit Entity Expansions violation | |
| csp_header_success | 8 | CSP header found | |
| cookie_security_unrecognized_cookie_violation | 8 | Cookie Security - unrecognized cookie violation | |
| dlp_pcre_masked | 8 | PCRE Mask violation | |
| xml_check_format_success | 8 | XML Check passed | |
| xml_check_namespace_uri_len_violation | 8 | XML Limit Namespace URI Length violation | |
| http_protocol_malformed_parameter_violation | 8 | Malformed parameter check violation | |
| request_check_command_injection_cookies_violation | 8 | Command Injection Check cookies violation | |
| json_check_format_violation | 8 | JSON Check violation | |
| form_set_no_cache_success | 8 | Form Set No Cache check passed | |
| xml_check_xss_violation | 8 | XML XSS Check violation | |
| brute_force_challenge_captcha_sent | 8 | Captcha challenge sent | |
| dlp_ssn_success | 8 | Social Security Number Mask check passed | |
| brute_force_lockout_limit_success | 8 | Lockout limit check passed | |
| cookie_security_cookie_policy_violation | 8 | Cookie Security - cookie policy violation | |
| xml_check_max_entity_decl_violation | 8 | XML Limit Entity Decl violation | |
| http_protocol_missing_host_header_success | 8 | Missing host header check passed | |
| http_protocol_malformed_request_violation | 8 | Malformed request check violation | |
| http_limit_max_request_length_violation | 8 | Limit check - MAX request length violation | |
| xml_check_max_elem_child_violation | 8 | XML Limit Element Child violation | |
| http_protocol_malformed_header_violation | 8 | Malformed header check passed | |
| request_check_session_check_success | 8 | Session Check passed | |
| request_check_bot_violation | 8 | Bot check violation | |
| request_check_sqlia_url_sanitize | 8 | SQLIA Check URL Sanitized | |
| http_limit_max_header_length_violation | 8 | MAX header length check violation | |
| max_url_length_violation | 8 | Limit check - MAX URL length violation | |
| http_protocol_allowed_headers_success | 8 | HTTP headers check passed | |
| evasion_check_dir_traversal_violation | 8 | Dir traversal check violation | |
| form_request_non_post_violation | 8 | Form Method being Non Post in Request violation | |
| request_check_xss_post_body_violation | 8 | XSS Check Post violation | |
| cookie_security_sign_success | 8 | Cookie Security - signing successful | |
| evasion_check_remove_spaces_violation | 8 | Remove Spaces check violation | |
| http_limit_max_data_parse_success | 8 | Buffer Overflow - Max Data Parse check passed | |
| evasion_check_dir_traversal_success | 8 | Dir traversal check passed | |
| form_consistency_violation | 8 | Form Consistency violation | |
| http_protocol_malformed_request_success | 8 | Malformed request check passed | |
| request_check_xss_url_sanitize | 8 | XSS Check URL Sanitized | |
| http_limit_max_cookie_name_length_success | 8 | MAX cookie name length check passed | |
| xml_check_max_elem_violation | 8 | XML Limit Element violation | |
| request_check_command_injection_headers_success | 8 | Command Injection Check headers passed | |
| brute_force_challenge_cookie_success | 8 | Cookie Challenge check passed | |
| cookie_security_allowed_session_cookies | 8 | Cookie Security - allowed session cookies | |
| xml_check_max_elem_depth_violation | 8 | XML Limit Element Depth violation | |
| http_protocol_malformed_request_line_success | 8 | Malformed request line check passed | |
| form_set_no_cache | 8 | Form Set No Cache violation | |
| request_check_sqlia_post_body_violation | 8 | SQLIA Check Post violation | |
| form_check_violation | 8 | Post Form Check violation | |
| action_response_deny_200 | 8 | Response Deny with 200 | |
| evasion_check_max_levels_violation | 8 | Max Levels check violation | |
| cookie_security_encrypt_violation | 8 | Cookie Security - encrypt violation | |
| brute_force_lockout_limit_violation | 8 | Lockout limit violation | |
| http_protocol_allowed_method_check_violation | 8 | HTTP Method Check violation | |
| http_protocol_malformed_content_length_success | 8 | Malformed content-length check passed | |
| http_protocol_missing_host_header_violation | 8 | Missing host header check violation | |
| dlp_ccn_jcb_masked | 8 | JCB Credit Card Number Masked | |
| http_limit_max_header_length_success | 8 | MAX header length check passed | |
| request_check_redirect_wlist_success | 8 | Redirect Whitelist passed | |
| xml_check_max_attr_name_len_success | 8 | XML Limit Name Length check passed | |
| http_protocol_head_with_content_violation | 8 | HEAD with content check violation | |
| learning_list_full | 8 | Learning list is full | |
| request_check_xss_cookie_violation | 8 | XSS Check Cookie violation | |
| evasion_check_multiple_encoding_levels_violation | 8 | Multiple Encoding Levels check violation | |
| http_protocol_body_without_content_type_success | 8 | Body without content type check passed | |
| http_protocol_allowed_versions_success | 8 | HTTP versions check passed | |
| xml_check_max_entity_decl_success | 8 | XML Limit Entity Decl check passed | |
| cookie_security_disallowed_session_set_cookies | 8 | Cookie Security - disallowed session Set-Cookies | |
| http_protocol_malformed_header_success | 8 | Malformed header check passed | |
| xml_check_sqlia_success | 8 | XML Sqlia Check passed | |
| form_consistency_success | 8 | Form Consistency passed | |
| xml_check_max_entity_depth_success | 8 | XML Limit Entity Depth check passed | |
| action_log | 8 | Log request violation | |
| request_check_xss_url_violation | 8 | XSS Check URL violation | |
| http_protocol_invalid_url_encoding_success | 8 | Invalid url encoding check passed | |
| request_check_referer_violation | 8 | Referer Check violation | |
| form_request_non_post_success | 8 | Form Method being Non Post in Request passed | |
| json_check_max_object_member_count_success | 8 | JSON Limit Object Number Count check passed | |
| dlp_ccn_visa_masked | 8 | Visa Credit Card Number Masked | |
| http_limit_max_header_name_length_success | 8 | MAX header name length check passed | |
| json_check_max_array_value_count_success | 8 | JSON Limit Array Value Count check passed | |
| xml_check_max_entity_exp_depth_success | 8 | XML Limit Entities Depth check passed | |
| http_limit_max_headers_length_success | 8 | MAX headers length check passed | |
| dlp_ccn_diners_masked | 8 | Diners Club Credit Card Number Masked | |
| policy_limit_exceeded | 8 | Policy limit exceeded | |
| dlp_ccn_success | 8 | Credit Card Number check passed | |
| http_protocol_bad_multipart_request_success | 8 | Bad multi-part request check passed | |
| soap_check_violation | 8 | Soap Check violation | |
| evasion_check_decode_unicode_chars_success | 8 | Decode Unicode Chars check passed | |
| http_limit_max_params_violation | 8 | Limit check - MAX parameters violation | |
| cookie_security_sign_limit_exceeded | 8 | Cookie Security - signing limit exceeded | |
| request_check_bot_success | 8 | Bot check passed | |
| cookie_security_encrypt_skip_rcache | 8 | Cookie Security - encrypt skipped - RAM cache | |
| brute_force_challenge_javascript_sent | 8 | JavaScript challenge sent | |
| http_limit_max_entities_violation | 8 | Max Entities violation | |
| evasion_check_apache_whitespace_success | 8 | Apache Whitespace check passed | |
| brute_force_challenge_limit_success | 8 | Lockout limit check passed | |
| http_protocol_allowed_versions_violation | 8 | HTTP versions check violation | |
| cookie_security_unrecognized_cookie_success | 8 | Cookie Security - request with unrecognized cookie | |
| action_deny_reset | 8 | Request Deny with Resets | |
| form_non_ssl_password_violation | 8 | Form Non SSL Password violation | |
| xml_check_max_elem_depth_success | 8 | XML Limit Element Depth check passed | |
| http_limit_max_headers_length_violation | 8 | MAX headers length check violation | |
| dlp_ccn_visa_violation | 8 | Visa Credit Card Number Detected | |
| req_denied | 8 | Requests Denied | |
| http_limit_max_params_success | 8 | Limit check - MAX parameters check passed | |
| req_allowed | 8 | Requests Allowed | |
| cookie_security_add_secure_success | 8 | Cookie Security - secure flag added successfully | |
| evasion_check_invalid_hex_encoding_violation | 8 | Invalid Hex Encoding check violation | |
| json_check_max_object_member_count_violation | 8 | JSON Limit Object Number Count violation | |
| brute_force_challenge_javascript_success | 8 | JavaScript challenge check passed | |
| request_check_command_injection_cookies_success | 8 | Command Injection Check cookies passed | |
| dlp_ccn_jcb_violation | 8 | JCB Credit Card Number Detected | |
| form_non_ssl_password_success | 8 | Form Non SSL Password check passed | |
| form_password_autocomplete_success | 8 | Form Password Autocomplete check passed | |
| action_allow | 8 | Request Action allowed | |
| http_limit_max_cookies_length_success | 8 | MAX cookies length check passed | |
| action_deny_redirect | 8 | Request Deny with Redirect | |
| http_limit_max_param_name_length_success | 8 | Limit check - MAX parameter name length check passed | |
| dlp_ccn_diners_violation | 8 | Diners Club Credit Card Number Detected | |
| http_protocol_malformed_parameter_success | 8 | Malformed parameter check passed | |
| http_protocol_invalid_url_encoding_violation | 8 | Invalid url encoding check violation | |
| xml_check_max_attr_value_len_success | 8 | XML Limit Value Length check passed | |
| request_check_url_whitelist_violation | 8 | URI White List violation | |
| request_check_xss_cookie_success | 8 | XSS Check Cookie passed | |
| request_check_command_injection_form_body_success | 8 | Command Injection Check form body arguments passed | |
| http_protocol_success | 8 | HTTP Check passed | |
| http_protocol_bad_multipart_request_violation | 8 | Bad multi-part request check violation | |
| xml_check_max_namespace_success | 8 | XML Limit Namespace check passed | |
| action_response_drop | 8 | Number of Dropped Responses | |
| dlp_ccn_mastercard_masked | 8 | MasterCard Credit Card Number Masked | |
| form_check_success | 8 | Post Form Check passed | |
| action_deny_custom_response | 8 | Request Deny with custom response | |
| xml_check_sqlia_violation | 8 | XML Sqlia Check violation | |
| cookie_security_sign_violation | 8 | Cookie Security - signing violation | |
| evasion_check_decode_escaped_chars_violation | 8 | Decode Escaped Chars check violation | |
| too_many_sessions | 8 | Too many sessions consumed | |
| cookie_security_add_secure_violation | 8 | Cookie Security - secure flag violation | |
| json_check_max_array_value_count_violation | 8 | JSON Limit Array Value Count violation | |
| evasion_check_max_levels_success | 8 | Max Levels check passed | |
| http_limit_max_query_length_violation | 8 | Limit check - MAX query length violation | |
| xml_check_max_elem_name_len_violation | 8 | XML Limit Element Name Length violation | |
| http_protocol_multiple_content_length_success | 8 | Multiple content-length headers check passed | |
| regex_violation | 8 | Regular expression failure | |
| xml_check_max_attr_violation | 8 | XML Limit Attribute violation | |
| http_limit_max_header_value_length_violation | 8 | MAX header value length check violation | |
| http_limit_max_request_line_length_success | 8 | Limit check - MAX request line length check passed | |
| cookie_security_disallowed_session_cookies | 8 | Cookie Security - disallowed session cookies | |
| xml_content_check_schema_success | 8 | XML Schema passed | |
| evasion_check_high_ascii_bytes_success | 8 | High Ascii Bytes check passed | |
| http_protocol_head_with_content_success | 8 | HEAD with content check passed | |
| http_limit_max_content_length_violation | 8 | MAX content-length check violation | |
| http_protocol_missing_header_value_violation | 8 | Missing header value check violation | |
| http_limit_max_cookie_header_length_violation | 8 | MAX cookie header length violation | |
| xml_check_max_cdata_len_success | 8 | XML Limit CData Length check passed | |
| response_cloaking_filter_headers_success | 8 | Response Headers Filter check passed | |
| cookie_security_missing_cookie_success | 8 | Cookie Security - request with missing cookie | |
| http_protocol_post_without_content_violation | 8 | POST without content check violation | |
| cookie_security_persistent_cookies_signed | 8 | Cookie Security - signed persistent cookies | |
| soap_check_success | 8 | Soap Check passed | |
| request_check_redirect_wlist_violation | 8 | Redirect Whitelist violation | |
| http_limit_max_request_line_length_violation | 8 | Limit check - MAX request line length violation | |
| action_response_log | 8 | Log response violation | |
| xml_check_max_elem_child_success | 8 | XML Limit Element Child check passed | |
| http_limit_max_post_length_success | 8 | MAX POST length check passed | |
| request_check_url_blacklist_violation | 8 | URI Black List violation | |
| dlp_ccn_discover_violation | 8 | Discover Credit Card Number Detected | |
| http_limit_max_headers_violation | 8 | Max Headers violation | |
| xml_check_max_elem_name_len_success | 8 | XML Limit Element Name Length check passed | |
| request_check_sqlia_post_body_sanitize | 8 | SQLIA Check Post Sanitized | |
| form_csrf_tag_violation | 8 | Form CSRF tag violation | |
| form_non_masked_password_success | 8 | Form Non Masked Password check passed | |
| json_check_max_string_violation | 8 | JSON Limit String violation | |
| http_protocol_non_ssl_cookie_prefix_violation | 8 | Cookie Name Prefix check violation | |
| http_limit_max_entities_success | 8 | Max Entities check passed | |
| action_drop | 8 | Number of Dropped Requests | |
| http_protocol_missing_header_value_success | 8 | Missing header value check violation | |
| action_response_allow | 8 | Response Action allowed | |
| xml_check_format_violation | 8 | XML Check violation | |
| request_check_xss_post_body_success | 8 | XSS Check Post passed | |
| xml_check_max_attr_success | 8 | XML Limit Attribute check passed | |
| dlp_ccn_amex_masked | 8 | Amex Credit Card Number Masked | |
| form_password_autocomplete_violation | 8 | Form Password Autocomplete violation | |
| response_cloaking_hide_status_code_violation | 8 | Response Hide Code violation | |
| request_check_sqlia_url_success | 8 | SQLIA Check URL passed | |
| http_protocol_allowed_headers_violation | 8 | HTTP headers check violation | |
| brute_force_violation | 8 | Brute-Force checks violation | |
| brute_force_challenge_captcha_success | 8 | Captcha challenge check passed | |
| brute_force_response_headers_triggered | 8 | Brute Force Response Headers Triggered | |
| http_limit_max_param_name_length_violation | 8 | Limit check - MAX parameter name length violation | |
| cookie_security_add_samesite_success | 8 | Cookie Security - samesite attribute added successfully | |
| evasion_check_remove_comments_violation | 8 | Remove Comments check violation | |
| request_check_command_injection_form_body_violation | 8 | Command Injection Check form body arguments violation | |
| evasion_check_decode_entities_violation | 8 | Decode Entities check violation | |
| request_check_session_check_violation | 8 | Session Check violation | |
| form_non_ssl_success | 8 | Form Non SSL check passed | |
| cookie_security_session_cookies_signed | 8 | Cookie Security - signed session cookies | |
| xml_check_max_entity_depth_violation | 8 | XML Limit Entity Depth violation | |
| xml_content_check_wsdl_violation | 8 | WSDL violation | |
| json_check_max_depth_success | 8 | JSON Limit Depth check passed | |
| http_protocol_get_with_content_violation | 8 | GET with content check violation | |
| cookie_security_allowed_session_set_cookies | 8 | Cookie Security - allowed session Set-Cookies | |
| xml_check_namespace_uri_len_success | 8 | XML Limit Namespace URI Length check passed | |
| evasion_check_multiple_slashes_success | 8 | Multiple Slashes check passed | |
| http_limit_max_params_length_violation | 8 | Limit check - MAX parameters total length violation | |
| http_protocol_violation | 8 | HTTP Check violation | |
| csp_header_inserted | 8 | CSP header Inserted | |
| form_non_ssl_violation | 8 | Form Non SSL violation | |
| http_protocol_host_header_with_ip_success | 8 | Host header with IP check passed | |
| sessions_freed | 8 | Sessions freed | |
| out_of_sessions | 8 | Out of sessions | |
| dlp_ssn_violation | 8 | Social Security Number Mask violation | |
| form_response_non_post_success | 8 | Response form method was POST | |
| sessions_alloc | 8 | Sessions allocated | |
| request_check_command_injection_headers_violation | 8 | Command Injection Check headers violation | |
| form_response_non_post_sanitize | 8 | Changed response form method to POST | |
| action_response_deny_redirect | 8 | Response Deny with Redirect | |
| request_check_referer_success | 8 | Referer Check passed | |
| cookie_security_missing_cookie_violation | 8 | Cookie Security - missing cookie violation | |
| http_protocol_malformed_content_length_violation | 8 | Malformed content-length check violation | |
| cookie_security_persistent_cookies_encrypted | 8 | Cookie Security - encrypted persistent cookies | |
| evasion_check_decode_unicode_chars_violation | 8 | Decode Unicode Chars check violation | |
| evasion_check_invalid_hex_encoding_success | 8 | Invalid Hex Encoding check passed | |
| evasion_check_apache_whitespace_violation | 8 | Apache Whitespace check violation | |
| cookie_security_signature_check_success | 8 | Cookie Security - signature check successful | |
| brute_force_challenge_limit_violation | 8 | Lockout limit violation | |
| total_req | 8 | Total Requests | |
| http_limit_max_cookie_value_length_success | 8 | MAX cookie value length check passed | |
| http_protocol_multiple_content_length_violation | 8 | Multiple content-length headers check violation | |
| action_deny_403 | 8 | Request Deny with 403 | |
| action_response_deny_reset | 8 | Deny with Resets | |
| form_csrf_tag_success | 8 | Form CSRF tag passed | |
| http_protocol_post_with_0_content_success | 8 | POST with 0 content check passed | |
| cookie_security_encrypt_success | 8 | Cookie Security - encrypt successful | |
| request_check_xss_cookie_sanitize | 8 | XSS Check Cookie Sanitized | |
| cookie_security_cookie_policy_success | 8 | Cookie Security - cookie policy passed | |
| xml_content_check_wsdl_success | 8 | WSDL passed | |
| cookie_security_disallowed_persistent_set_cookies | 8 | Cookie Security - disallowed persistent Set-Cookies | |
| action_response_deny_403 | 8 | Response Deny with 403 | |
| cookie_security_decrypt_violation | 8 | Cookie Security - decrypt violation | |
| http_protocol_get_with_content_success | 8 | GET with content check passed | |
| request_check_redirect_wlist_learn | 8 | Redirect Whitelist Learn | |
| http_limit_max_header_value_length_success | 8 | MAX header value length check passed | |
| evasion_check_remove_comments_success | 8 | Remove Comments check passed | |
| brute_force_challenge_javascript_violation | 8 | JavaScript challenge violation | |
| evasion_check_multiple_encoding_levels_success | 8 | Multiple Encoding Levels check passed | |
| cookie_security_allowed_persistent_cookies | 8 | Cookie Security - allowed persistent cookies | |
| http_protocol_allowed_method_check_success | 8 | HTTP Method Check passed | |
| request_check_url_list_violation | 8 | URL Check violation | |
| cookie_security_add_samesite_violation | 8 | Cookie Security - samesite attribute violation | |
| http_limit_max_query_length_success | 8 | Limit check - MAX query length check passed | |
| cookie_security_add_http_only_success | 8 | Cookie Security - http-only flag added successfully | |
| dlp_ccn_amex_violation | 8 | Amex Credit Card Number Detected | |
| json_check_max_string_success | 8 | JSON Limit String check passed | |
| http_limit_max_cookie_value_length_violation | 8 | MAX cookie value length violation | |
| brute_force_challenge_captcha_violation | 8 | Captcha challenge violation | |
| dlp_pcre_success | 8 | PCRE Mask check passed | |
| xml_check_max_entity_exp_success | 8 | XML Limit Entity Expansions check passed | |
| cookie_security_session_cookies_encrypted | 8 | Cookie Security - encrypted session cookies | |
| http_limit_max_cookies_violation | 8 | Max Cookies violation |