Forum Discussion
erol_dogan_1164
Nimbostratus
NimbostratusASM detecting but not blocking the attack
Hello all,
I am using ASM and a Apache Tomcat based web application behind it. I am testing negative security accuracy of the ASM and realized that it is not blocking the attacks even it detect...
erol_dogan_1164Nimbostratus
NimbostratusHello Math,
I noticed that it is the case exactly what you advise. Thank you :)
When I checked the parameter (actually it is wildcard) referring the attack, it was by default in staging mode. When I disabled the staging, system started to block the violations.
Regards
Erol
Ahmad_Faiz_1405Nimbostratus
NimbostratusHi Erol,
Same environment happened to me which all testing made for SQL Injection will go learned under Manual Traffic Learning -> Attack signatures detected page and not appeared in Event Logs. Tried to disable a staging mode on wildcard parameter but still no luck.
Beside that, I also include and enable all SQL Injection signature to Security ›› Application Security : Parameters : Parameters List ›› Parameter Properties ›› Attack Signatures.
Any way you can advice is there any additional setting need to be made to start blocking the violations and appear in event logs. Looking forward to hear from you on how you solve this issues :)
Rgds,
Faiz