Historical (2021)
Ruleset | Rule ID | Legacy Rule ID | Description | Change Date | Old Action | New Action |
---|---|---|---|---|---|---|
Specials | ...fe5abb10 | 100515 | Log4j RCE Body - CVE-2021-44228 | Emergency, 2021-12-16 | Block | Block |
Specials | ...60ba67d7 | 100517 | Log4j RCE Advanced URI, Headers - CVE-2021-44228 | Emergency, 2021-12-14 | N/A | Disabled |
Specials | ...74430f12 | 100514 | Log4j RCE Headers - CVE-2021-44228 | Emergency, 2021-12-10 | N/A | Block |
Specials | ...fe5abb10 | 100515 | Log4j RCE Body - CVE-2021-44228 | Emergency, 2021-12-10 | N/A | Block |
Specials | ...d5e015dd | 100516 | Log4j RCE URI - CVE-2021-44228 | Emergency, 2021-12-10 | N/A | Block |
Specials | ...1c8e7f7f | 100009B3 | SQLi - ORDER/GROUP BY | 2021-11-01 | N/A | Disabled |
Specials | N/A | 100201_2 | Anomaly:Header:User-Agent - Fake Google Bot | 2021-11-01 | N/A | Block |
Specials | N/A | 100202_2 | Anomaly:Header:User-Agent - Fake Bing or MSN Bot | 2021-11-01 | N/A | Block |
Specials | N/A | 100203_2 | Anomaly:Header:User-Agent - Fake Yandex Bot | 2021-11-01 | N/A | Block |
Specials | N/A | 100204_2 | Anomaly:Header:User-Agent - Fake Baidu Bot | 2021-11-01 | N/A | Block |
Specials | ...88d80772 | 100008E2 | SQLi - AND/OR Digit Operator Digit | 2021-10-25 | N/A | Block |
Specials | ...a72a6b3a | 100009CB2 | SQLi - Equation | 2021-10-25 | N/A | Block |
Specials | ...2ebc44ad | 100008D | SQLi - Benchmark Function | 2021-10-25 | N/A | Block |
Specials | ...521e1eff | WP0036 | WordPress - Broken Access Control | 2021-10-19 | N/A | Block |
Specials | ...cfd0fac1 | 100135A | XSS - JavaScript Events - Improve Rule Coverage | 2021-10-04 | Block | Block |
Specials | ...95afef63 | 100135B | XSS - JavaScript Events - Improve Rule Coverage | 2021-10-04 | Block | Block |
Specials | ...b3de2e0a | 100410 | SQLi - Tautology - URI | 2021-10-04 | N/A | Block |
Specials | ...cfd0fac1 | 100135A | XSS - JavaScript Events - Improve Rule Coverage | 2021-09-06 | Block | Block |
Specials | ...de5e2367 | 100135C | XSS - JavaScript Events - Improve Rule Coverage | 2021-09-06 | Block | Block |
Specials | ...901dddd0 | 100139D | XSS, HTML Injection - Data URI - Improve Rule Coverage | 2021-09-06 | Block | Block |
Specials | ...69e0b97a | 100400 | Atlassian Confluence - Code Injection - CVE:CVE-2021-26084 | Emergency, 2021-09-01 | N/A | Block |
Specials | ...6aa0bef8 | 100201 | Anomaly:Header:User-Agent - Fake Google Bot | 2021-08-31 | Block | Block |
Specials | ...c12cf9c8 | 100202 | Anomaly:Header:User-Agent - Fake Bing or MSN Bot | 2021-08-31 | Block | Block |
Specials | ...f6cbb163 | 100203 | Anomaly:Header:User-Agent - Fake Yandex Bot | 2021-08-31 | Block | Block |
Specials | ...047f06b4 | 100204 | Anomaly:Header:User-Agent - Fake Baidu Bot | 2021-08-31 | Block | Block |
Specials | ...090d53ee | 100045 | Anomaly:URL:Path - Multiple Slashes, Relative Paths, CR, LF or NULL | 2021-08-23 | Disabled | Disabled |
Specials | ...603649a2 | 100210 | Laravel - Code Injection - CVE-2021-3129 | 2021-08-16 | N/A | Block |
Specials | ...fe8ceb2f | 100045A | Anomaly:URL:Query String - Multiple Slashes, Relative Paths, CR, LF or NULL | 2021-08-16 | N/A | Disabled |
OWASP XSS (URI) | N/A | uri-973345 | Improve rule performance | 2021-07-26 | Scoring Based | Scoring Based |
OWASP XSS | N/A | 973345 | Improve rule performance | 2021-07-26 | Scoring Based | Scoring Based |
Specials | N/A | 100009 | Improve rule performance | 2021-07-26 | Block | Block |
Specials | ...54622f7d | 100200 | Anomaly Header: Content-Type - Missing | 2021-07-26 | N/A | Disabled |
OWASP XSS (URI) | N/A | uri-973346 | Improve Rule Performance | 2021-07-19 | Scoring Based | Scoring Based |
OWASP XSS (URI) | N/A | uri-973322 | Improve Rule performance | 2021-07-19 | Scoring Based | Scoring Based |
OWASP XSS | N/A | 973346 | Improve Rule performance | 2021-07-19 | Scoring Based | Scoring Based |
OWASP XSS | N/A | 973322 | Improve Rule performance | 2021-07-19 | Scoring Based | Scoring Based |
Cloudflare Specials | N/A | 100197 | Block ReGeorg webshell | Emergency, 2021-07-01 | N/A | Block |
Cloudflare Specials | N/A | 100197B | Block ReGeorg webshell | Emergency, 2021-07-01 | N/A | Disabled |
Specials | N/A | 100196 | CVE-2021-21985 VSphere Virtual SAN Health Check | 2021-06-21 | N/A | Block |
Specials | N/A | 100136A | Improve rule performance | 2021-06-21 | Block | Block |
Specials | N/A | 100139A | Improve rule performance | 2021-06-14 | Disabled | Disabled |
Specials | N/A | 100139B | Improve rule performance | 2021-06-14 | Block | Block |
Specials | N/A | 100139C | Improve rule performance | 2021-06-14 | Block | Block |
Specials | N/A | 100195 | Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2021-31166 | 2021-06-07 | N/A | Block |
WordPress | N/A | WP0025D | Improve Rule Performance | 2021-06-01 | Block | Block |
WordPress | N/A | WP0026 | Improve Rule Coverage | 2021-06-01 | Block | Block |
WordPress | N/A | WP0023 | Improve Rule Performance - Supersedes 100245 | 2021-06-01 | Block | Block |
Specials | N/A | 100245 | Remove 100245 (WordPress - Broken Access Control - Update Script) - Superseded by WP0023 | 2021-06-01 | Block | Disabled |
Drupal | N/A | D0000 | Improve Rule Coverage | 2021-06-01 | Block | Block |
PHP | N/A | PHP100012 | Improve Rule Coverage | 2021-06-01 | Block | Block |
Specials | N/A | 100222 | Improve Rule Coverage | 2021-06-01 | Disabled | Disabled |
Cloudflare Specials | N/A | 100188A | CVE-2021-22893 Pulse Secure Vendor Workaround | Emergency, 2021-04-21 | N/A | Block |
Cloudflare Specials | N/A | 100038 | Improve Information Disclosure Coverage | 2021-04-19 | Block | Block |
Cloudflare Specials | N/A | 100185A | Deprecated Short PHP Open Tag ( | 2021-03-22 | N/A | Disable |
Cloudflare Specials | N/A | 100179 | Improve Rule Performance | 2021-03-08 | Block | Block |
Cloudflare Specials | N/A | 100181 | Microsoft Exchange - Code Injection - CVE-2021-26858 - CVE-2021-27065 | Emergency, 2021-03-06 | N/A | Block |
Cloudflare Specials | N/A | 100179 | Microsoft Exchange - SSRF - CVE-2021-26855 | Emergency, 2021-03-05 | N/A | Block |
Cloudflare Specials | N/A | 100005 | Improve LFI Log Injection/Disclosure coverage | 2021-03-01 | Block | Block |