Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

JSON Parser Attack

Sriram_Shanmuga
Altostratus
Altostratus

‎20-Sep-2018 04:39

Hi All,

 

I have enabled WAF policy in blocking mode and i could see the WAF is blocking. Client is using JSON scripts and its being blocked by WAF.

 

How to bypass the JSON parser attack .

 

Thanks

 

Labels:
0 Kudos
2 REPLIES 2

Sriram_Shanmuga
Altostratus
Altostratus

‎20-Sep-2018 09:38

I have enabled WAF policy and apply to a Virtual server in Transparent mode. When the user execute JSON script in Postman tool, they are thrown a support id.

 

Is it an expected behavior from WAF ?

 

Regaards RAM

 

0 Kudos

OM
Nimbostratus
Nimbostratus

‎07-Apr-2022 11:20

enabling WAF may block requests if you don't custom your policy according to your needs.

if your json content has some special characters or any pattern that may match a signature, the request may get blocked.

you can look at the logs and see what is the reason of the blocking.

0 Kudos
Copyright © 2023 Khoros, LLC