bryan-robitaille closed 2 years ago
Also blocking on AWS#AWSManagedRulesCommonRuleSet#GenericLFI_BODY
Related to cds-snc/platform-sre-security-support#47
Some possible solutions to exclude only `GenericLFI_BODY` for specific URLs: cds-snc/platform-sre-security-support#49
The `label_match_statement` is now part of the latest AWS Terraform provider, so you can use something like the following to exclude WAF ACL managed rules from specific URLs only: https://github.com/cds-snc/platform-sre-security-support/issues/49#issuecomment-993877133
It's working nicely in Articles.
AWS Web Application Firewall is blocking some file uploads due to a positive detection of `AWS#AWSManagedRulesCommonRuleSet#CrossSiteScripting_BODY`. This is due to image files having random characters in their metadata which can lead to false detections. https://aws.amazon.com/premiumsupport/knowledge-center/waf-upload-blocked-files/
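The label-match approach mentioned in the comments, as an added Terraform example (not the configuration from the linked comment or from the project): a rule group that blocks requests carrying the `CrossSiteScripting_BODY` label unless the path starts with an upload prefix, so body inspection stays enforced on every other URL. It assumes the web ACL sets that managed rule to count so it only adds its label, and references this rule group with a `rule_group_reference_statement` at a later priority; the resource names, metric names and the `/upload` prefix are hypothetical.

```hcl
resource "aws_wafv2_rule_group" "xss_body_outside_uploads" {
  name     = "xss-body-outside-uploads"
  scope    = "REGIONAL"
  capacity = 50 # generous upper bound for the two statements below
  rule {
    name     = "block-xss-body-label-outside-uploads"
    priority = 1
    action {
      block {}
    }
    statement {
      and_statement {
        statement {
          label_match_statement { # label the counted managed rule adds; confirm the key in sampled requests
            scope = "LABEL"
            key   = "awswaf:managed:aws:core-rule-set:CrossSiteScripting_Body"
          }
        }
        statement {
          not_statement {
            statement {
              byte_match_statement {
                positional_constraint = "STARTS_WITH"
                search_string         = "/upload" # hypothetical path; only this prefix is exempt
                field_to_match {
                  uri_path {}
                }
                text_transformation {
                  priority = 0
                  type     = "NONE"
                }
              }
            }
          }
        }
      }
    }
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "xss-body-outside-uploads-rule"
      sampled_requests_enabled   = true
    }
  }
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "xss-body-outside-uploads"
    sampled_requests_enabled   = true
  }
}
```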