Forum Discussion
Dave_Pisarek
Nov 03, 2017Cirrus
Nut,
All signatures are set to yes for Alarm and Block Policy is applied to VS Blocking Multiple SQL Union (Parameter) signatures are triggered.
S,
Good call with the all requests. I set the policy to log all requests and saw the index.php log with attack signatures showing in staging??
Staging is disabled on this policy and when I look at the specific signatures they are not in staging:
If I look at where the GET in a referer the signatures are not in staging. Of course these are the (Header) type signature versus (Parameter) but why would one be in staging versus the other?
Again all that is enabled is the SQL Injection Signature set and none of them show in staging. Policy building is manual.