Forum Discussion
hooleylist
May 24, 2013Cirrostratus
Hi Lazar,
The signature is looking for drop and schema and a fairly complex regex. It's not just looking for those two key words.
If you're seeing false positives on just one parameter, I'd disable the signature on a new global parameter with that name. If you're seeing false positives on several parameters, you could disable the signature across the policy.
Aaron