jquerin
Oct 26, 2023Nimbostratus
Possible False Positive for OWASP rule in AWS - div_tag_parameter_AllQueryArguments_Body
We have a WordPress website and we just recently enabled the F5-OWASP_Managed Rule set in AWS.
I noticed we had had over 50 requests blocked from users within our network. It looks like they were attempting to save the page among other valid type requests. The rule that is blocking the request is "rule_div_tag__behavior__Parameter__AllQueryArguments_Body"
I've currently set the blocking rule to "Override to Allow" but I would prefer to not have this rule set to this, but I do not wish to have our site editors blocked from making valid site updates.
I have a downloaded CSV from Cloudwatch of all the blocked requests with the parameters, etc.