Closed sboonyakiatACR closed 1 year ago
Thanks for opening this issue. We will add support for the SQLi managed rule group in the upcoming solution release, which should include JSON inspection for SQLi. Meanwhile, you can customize the SQL injection custom rule to achieve the same protection.
In December 2022 there was an article on how to bypass AWS WAF by stuffing JSON in SQL: https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf. Can we add a SQL injection rule that inspects JSON objects for SQL injection attacks, or anything else that will prevent this bypass? I do see that AWS WAF has supported JSON parsing and inspection since Feb 2021: https://aws.amazon.com/about-aws/whats-new/2021/02/aws-waf-support-json-body-inspection/
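
One way the custom-rule customization mentioned in the reply could look, as an added example that is not taken from the solution's own template: an `AWS::WAFv2::WebACL` rule entry that runs the SQLi match statement over the parsed JSON body. The rule name, priority and metric name are assumptions chosen for illustration.

```yaml
# Added example: one entry for the Rules list of an AWS::WAFv2::WebACL resource.
# Name, Priority and MetricName are hypothetical; fit them to your own web ACL.
- Name: SqliJsonBodyRule            # hypothetical rule name
  Priority: 50                      # hypothetical; must be unique within the web ACL
  Action:
    Block: {}                       # use Count first to measure false positives
  Statement:
    SqliMatchStatement:
      FieldToMatch:
        JsonBody:
          MatchPattern:
            All: {}                 # inspect every element of the parsed JSON
          MatchScope: ALL           # inspect keys as well as values
          # If the body fails to parse as JSON, inspect it as plain text
          # rather than skipping inspection altogether.
          InvalidFallbackBehavior: EVALUATE_AS_STRING
          # Treat a body larger than the inspection limit as a match, so
          # padding the request cannot move a payload out of view.
          OversizeHandling: MATCH
      SensitivityLevel: HIGH        # stricter detection, more false positives
      TextTransformations:
        - Priority: 0
          Type: URL_DECODE
        - Priority: 1
          Type: HTML_ENTITY_DECODE
  VisibilityConfig:
    SampledRequestsEnabled: true
    CloudWatchMetricsEnabled: true
    MetricName: SqliJsonBodyRule    # hypothetical metric name
```

With `OversizeHandling: MATCH` and a `Block` action, legitimate large uploads are blocked too, so scope the rule to the API paths that accept JSON or start in `Count` mode.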