search

small-hack / argocd-apps

Common Argo CD templates we use for self hosted cloud stuff. We're still working towards full stability, but feel free to take things or ask questions :)
GNU General Public License v3.0
16 stars 1 forks source link

WAF exemption from 942100 for prometheus and loki #1035

Closed cloudymax closed 3 days ago

cloudymax commented 3 days ago

Prevents the following when refreshing a grafana dashboard:

Tue Jul 2 19:58:00 2024 Severity: 2 Rule: 942100 Reason: SQL Injection Attack Detected via libinjection Event: request for 10.42.0.11:443/api/ds/query?ds_type=prometheus&requestId=Q130 from 192.168.1.1

Screenshot 2024-07-02 at 20 03 08
cloudymax commented 3 days ago

we reviewed this offline together 👍

jessebot commented 3 days ago

Awesome, thanks for this!