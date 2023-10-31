Historical - 2022
|Ruleset
|Rule ID
|Legacy Rule ID
|Description
|Change Date
|Old Action
|New Action
|Cloudflare Specials
|...2aede3db
|100554
|Openam - Remote Code Execution - CVE:CVE-2021-35464
|2022-12-12
|N/A
|Disabled
|Cloudflare Specials
|...2ab75038
|100556
|Apache JXPath Library - Code Injection - CVE:CVE-2022-41852
|2022-12-12
|N/A
|Disabled
|Cloudflare Specials
|...b8ef67d7
|N/A
|SQLi - Equation
|2022-11-29
|N/A
|Block
|Cloudflare Specials
|...128f1556
|N/A
|SQLi - Generic
|2022-11-14
|N/A
|Block
|Cloudflare Specials
|...b9cfd82d
|100552
|JXPath RCE - CVE:CVE-2022-41852
|2022-10-31
|N/A
|Block
|Cloudflare Specials
|...66edb651
|100555
|Apache Commons Text - Code Injection - CVE:CVE-2022-42889
|Emergency, 2022-10-18
|N/A
|Block
|Cloudflare Specials
|...1bc977d1
|100005
DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474This detection was announced as ...845e3ec7 on new WAF.
|2022-10-17
|N/A
|Block
|Sensitive Data Disclosure (SDD)
|...eebf3863
|N/A
California Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...5b82d61c
|N/A
Florida Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...d47285a0
|N/A
Illinois Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...9f7200b4
|N/A
New York Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...440ec8b9
|N/A
UK Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...c78cf1e1
|N/A
UK National Insurance NumberThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...0f8f2657
|N/A
UK PassportThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...5fe4101e
|N/A
US PassportThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Sensitive Data Disclosure (SDD)
|...0a290153
|N/A
Wisconsin Driver's LicenseThis detection is part of Sensitive Data Disclosure (SDD).
|2022-10-17
|Log
|Disable
|Cloudflare Specials
|...e0de97a2
|100553
|FortiOS - Authentication Bypass - CVE:CVE-2022-40684
|Emergency, 2022-10-14
|N/A
|Block
|Cloudflare Specials
|...ee9bb2f5
|100549
|Atlassian Bitbucket - Code Injection - CVE:CVE-2022-36804
|2022-10-10
|N/A
|Block
|Cloudflare Specials
|...1d870399
|100546
|XSS - HTML Encoding
|2022-10-03
|N/A
|Block
|Cloudflare Specials
|...e09c1a1e
|100551
|Microsoft Exchange SSRF and RCE vulnerability - CVE:CVE-2022-41040, CVE:CVE-2022-41082
|Emergency, 2022-10-03
|N/A
|Block
|Cloudflare Specials
|...ee9bb2f5
|100549
|Atlassian Bitbucket - Code Injection - CVE:CVE-2022-36804
|Emergency, 2022-09-20
|N/A
|Block
|Cloudflare Specials
|...cfd0fac1
|100135A
XSS - JavaScript EventsThis detection was announced in BETA with ID ...92c2ad9f on new WAF and ID 100135A_BETA on legacy WAF.
|2022-09-12
|Block
|Block
|Cloudflare Specials
|...e09c1a1e
|100542
Broken Authentication - VMware - CVE:CVE-2022-31656, CVE:CVE-2022-22972This detection was announced in BETA with ID ...df7d4d7b on new WAF and ID 100542_BETA on legacy WAF.
|2022-09-12
|Block
|Block
|Cloudflare Specials
|...36fe4cbb
|100547
|Sophos Firewall Auth Bypass Vulnerability - CVE:CVE-2022-1040
|2022-09-12
|N/A
|Block
|Cloudflare Specials
|...4529da66
|100504
|Atlassian - CVE:CVE-2021-26086
|2022-09-12
|N/A
|Block
|Cloudflare Specials
|...b090ba9a
|100303
Command Injection - NslookupThis detection was announced in BETA with ID ...d5488862 on new WAF and ID 100303_BETA on legacy WAF.
|2022-09-05
|Block
|Block
|Cloudflare Specials
|...3a9dc737
|100532B
|Vulnerability scanner activity 2
|2022-08-30
|N/A
|Disable
|Cloudflare Specials
|...9b16ea5e
|N/A
|CVE-2020-13443
|2022-08-30
|N/A
|Block
|Cloudflare Specials
|...fd9eb416
|100541
|Code Injection - WordPress Weblizar Backdoor - CVE:CVE-2022-1609
|2022-08-22
|N/A
|Block
|Cloudflare Specials
|...e09c1a1e
|100542
|Broken Authentication - VMware - CVE:CVE-2022-31656
|2022-08-22
|N/A
|Block
|Cloudflare Specials
|...9ff2129f
|100544
|Zimbra - Command Injection - CVE:CVE-2022-27925, CVE:CVE-2022-30333
|2022-08-22
|N/A
|Block
|Cloudflare Specials
|...94700cae
|N/A
|Drupal, Magento, PHP - Deserialization - CVE:CVE-2019-6340, CVE:CVE-2016-4010 - 2
|2022-08-22
|N/A
|Block
|Cloudflare Specials
|...1bc977d1
|100005
|DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892
|2022-08-22
|N/A
|Block
|Cloudflare Specials
|...8e2e15a5
|N/A
|SQLi - Strict
|2022-08-15
|N/A
|Disable
|Cloudflare Specials
|...25ba9d7c
|N/A
|SSRF - Cloud
|2022-08-15
|N/A
|Disable
|Cloudflare Specials
|...8242627b
|N/A
|SSRF - Local
|2022-08-15
|N/A
|Disable
|Cloudflare Specials
|...74a51804
|N/A
|SSRF - Host
|2022-08-15
|N/A
|Disable
|Cloudflare Specials
|...d77be6e7
|100540
|XSS, Code Injection - Elementor - CVE:CVE-2022-29455
|2022-08-01
|N/A
|Block
|Cloudflare Specials
|...b21a6d17
|100539
|Alibaba Fastjson Remote Code Execution - CVE:CVE-2022-25845
|2022-08-01
|N/A
|Block
|Cloudflare Specials
|...49e6b538
|100534
|Webshell Activity
|2022-08-01
|N/A
|Block
|Cloudflare Specials
|...8d667511
|N/A
|NoSQL, MongoDB - SQLi - Comparison
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...6418cd0a
|N/A
|NoSQL, MongoDB - SQLi - Expression
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...0d64e8c3
|N/A
|PostgreSQL - SQLi - COPY
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...fe93af88
|N/A
|SQLi - AND/OR Digit Operator Digit
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...5dfbd021
|N/A
|SQLi - AND/OR Digit Operator Digit - 2
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...95cb1c78
|N/A
|SQLi - AND/OR MAKE_SET/ELT
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...33a94329
|N/A
|SQLi - Benchmark Function
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...a0ac8609
|N/A
|SQLi - Equation
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...e3f62041
|N/A
|SQLi - ORD and ASCII
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...5dcf99b7
|N/A
|SQLi -
SELECT Expression
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...2514d20d
|N/A
|SQLi - Sleep Function
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...cf1914a0
|N/A
|SQLi - String Concatenation
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...484037ce
|N/A
|SQLi - String Function
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...42123a6c
|N/A
|SQLi - Sub Query
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...d7aa0008
|N/A
|SQLi -
UNION in MSSQL
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...3306fcc2
|N/A
|SQLi - WaitFor Function
|2022-08-01
|N/A
|Disable
|Cloudflare Specials
|...1651d0c8
|100536
|GraphQL Injection
|2022-07-25
|N/A
|Block
|Cloudflare Specials
|...6a648210
|100537
|Oracle ADF Remote Code Execution - CVE:CVE-2022-21445
|2022-07-25
|N/A
|Block
|Cloudflare Specials
|...2753531e
|100533
|NoSQL - Injection
|2022-07-18
|N/A
|Block
|Cloudflare Specials
|...49e6b538
|100534
|Web Shell Activity
|2022-07-18
|N/A
|Block
|Cloudflare Specials
|...851d2f71
|100007C
|Command Injection - Common Attack Commands
|2022-07-18
|N/A
|Block
|Cloudflare Specials
|...aa290ad9
|100135D
|XSS - JS On Events
|2022-07-18
|N/A
|Block
|Cloudflare Specials
|N/A
|100045B
|Anomaly:Header, Directory Traversal - Multiple Slashes, Relative Paths, CR, LF or NULL
|2022-07-06
|Log
|Block
|Cloudflare Specials
|...34780914
|100532
|Vulnerability scanner activity
|2022-07-05
|N/A
|Block
|Cloudflare Specials
|...d503ded0
|N/A
|XSS, HTML Injection
|2022-06-20
|N/A
|Disable
|Cloudflare Specials
|...fd09a0e6
|N/A
|XSS - JavaScript Events
|2022-06-20
|N/A
|Disable
|Cloudflare Specials
|...f4b0220e
|100703
|Validate Headers
|Emergency, 2022-06-10
|N/A
|Block
|Cloudflare Specials
|...408cff2b
|100531
|Atlassian Confluence - Code Injection - CVE:CVE-2022-26134 (rule improvement)
|Emergency, 2022-06-07
|N/A
|Block
|Cloudflare Specials
|...0c99546a
|100702
|Command Injection - CVE:CVE-2022-24108
|2022-06-06
|N/A
|Block
|Cloudflare Specials
|...e184d050
|100701
|Command Injection - CVE:CVE-2022-30525
|2022-06-06
|N/A
|Block
|Cloudflare Specials
|...56c390a1
|N/A
|DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892 2
|2022-06-06
|N/A
|Block
|Cloudflare Specials
|...3456f611
|N/A
|XXE - System Function
|2022-06-06
|N/A
|Block
|Cloudflare Specials
|...ae5baf61
|100005
|DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892
|2022-06-06
|N/A
|Block
|Cloudflare Specials
|...bb44c04a
|100531B
|Atlassian Confluence - Code Injection - Extended - CVE:CVE-2022-26134
|Emergency, 2022-06-04
|N/A
|Disabled
|Cloudflare Specials
|...408cff2b
|100531
|Atlassian Confluence - Code Injection - CVE:CVE-2022-26134 (rule improvement)
|Emergency, 2022-06-04
|N/A
|Block
|Cloudflare Specials
|...408cff2b
|100531
|Atlassian Confluence - Code Injection - CVE:CVE-2022-26134
|Emergency, 2022-06-03
|N/A
|Block
|Cloudflare Specials
|...408cff2b
|100531
|Atlassian Confluence - Code Injection - CVE:CVE-2022-26134 (rule improvement)
|Emergency, 2022-06-03
|N/A
|Block
|Cloudflare Specials
|...408cff2b
|100531
|Atlassian Confluence - Code Injection - CVE:CVE-2022-26134 (rule improvement)
|Emergency, 2022-06-03
|N/A
|Block
|Cloudflare Specials
|...0d20ddd9
|100054
|Improve Apache Struts detection. Merge 100054_BETA into 100054 and ...f0c856b4 into ...0d20ddd9. Apache Struts - Command Injection - CVE:CVE-2017-5638.
|2022-05-30
|N/A
|Block
|Cloudflare Specials
|...e1787c92
|N/A
|Microsoft Exchange - Code Injection
|2022-05-16
|N/A
|Block
|Specials
|...d6e3073f
|100530
|Command Injection - RCE in BIG-IP - CVE:CVE-2022-1388
|Emergency, 2022-05-10
|N/A
|Block
|Cloudflare Specials
|...02a9ee96
|100528
|Code Injection - CVE:CVE-2022-29078
|2022-05-09
|N/A
|Block
|Cloudflare Specials
|...422313d0
|100529
|VMware vCenter - CVE:CVE-2021-22054
|2022-05-09
|N/A
|Block
|Cloudflare Specials
|...370dc796
|N/A
|PostgreSQL - SQLi, Command Injection - CVE:CVE-2019-9193
|2022-05-09
|N/A
|Disable
|Cloudflare Specials
|...61337861
|100056_BETA
|Apache Struts - Code Injection - CVE:CVE-2017-9791 - Beta
|2022-04-25
|Disable
|Block
|Cloudflare Specials
|...bb70a463
|100527
|Apache Struts - CVE:CVE-2021-31805
|2022-04-25
|Disable
|Block
|Cloudflare Specials
|...a24f08b7
|100526
|VMware vCenter - CVE:CVE-2022-22954
|2022-04-25
|Disable
|Block
|Cloudflare Specials
|...4343ef6b
|N/A
|Anomaly:Header:X-Forwarded-Host
|2022-04-20
|N/A
|Disable
|Cloudflare Specials
|...ad8ba4bc
|N/A
|Anomaly:Header:Content-Length - Missing in POST
|2022-04-20
|N/A
|Disable
|Cloudflare Specials
|...cc74ff69
|N/A
|Anomaly:Header:Accept - Missing or Empty
|2022-04-20
|N/A
|Disable
|Cloudflare Specials
|...041699fb
|N/A
|Practico CMS - SQLi
|2022-04-20
|N/A
|Disable
|Cloudflare Specials
|...4751ef80
|N/A
|Joomla - Anomaly:Header:User-Agent
|2022-04-20
|N/A
|Disable
|Cloudflare Specials
|...f2cc4e84
|100524
|Spring - Code Injection
|2022-04-11
|N/A
|Block
|Cloudflare Specials
|...4e742bb6
|N/A
|Drupal - Header Injection - CVE:CVE-2018-14774
|2022-04-11
|N/A
|Disable
|Cloudflare Specials
|...e46c6d76
|N/A
|Drupal - XSS - CVE:CVE-2018-9861
|2022-04-11
|N/A
|Disable
|Specials
|...f2cc4e84
|100524
|Spring - Code Injection
|Emergency, 2022-04-04
|Simulate
|Block
|Specials
|...fbe6c869
|100522
|Spring - CVE:CVE-2022-22947
|Emergency, 2022-04-04
|Simulate
|Block
|Specials
|...f2cc4e84
|100524
|Spring - Code Injection
|Emergency, 2022-03-31
|N/A
|Simulate
|Specials
|...fbe6c869
|100522
|Spring - CVE:CVE-2022-22947
|Emergency, 2022-03-29
|N/A
|Simulate
|Cloudflare Specials
|...e7c9a2c4
|100519B
|Magento - CVE:CVE-2022-24086
|2022-03-14
|N/A
|Block
|Cloudflare Specials
|...a37c3733
|100520
|Apache - CVE:CVE-2022-24112
|2022-03-14
|N/A
|Block
|Cloudflare Specials
|...664ed6fe
|100015
|Anomaly:Port - Non Standard Port (not 80 or 443)
|2022-03-14
|N/A
|Disable
|Cloudflare Specials
|...5723bcc9
|100022
|Anomaly:Method - Not
GET or
POST
|2022-03-14
|N/A
|Disable
|Cloudflare Specials
|...3fccf643
|100519
|Magento - CVE:CVE-2022-24086
|2022-03-07
|N/A
|Block
|Cloudflare Specials
|...5ea3d579
|100518
|SAP - Code Injection - CVE:CVE-2022-22532
|2022-02-28
|N/A
|Block
|Cloudflare Specials
|...69e0b97a
|100400
|Atlassian Confluence - Code Injection - CVE:CVE-2021-26084 - Improve Rule Coverage
|2022-02-21
|Block
|Block
|Cloudflare Specials
|N/A
|PHP100001
|PHP - Command Injection - CVE:CVE-2012-2336, CVE:CVE-2012-2311, CVE:CVE-2012-1823
|2022-02-14
|Challenge
|Block
|Cloudflare Specials
|...dc29b753
|100515B
|Log4j Body Obfuscation
|2022-02-14
|N/A
|Block
|Cloudflare Specials
|...69fe1e0d
|100700
|Apache SSRF vulnerability CVE-2021-40438
|2022-01-24
|N/A
|Block