Rule 307 – Excessive user-agent string length

  • Resolved grega2

    (@grega2)


    4 years, 8 months ago

    Hi,

    Iam getting this events in the log. I think that this are false positives…

    I know how to disable that rule. But I would like to know, if I leave this rule enabled, will it block the users, or just shorten the user-agent string and let them to visit the website?

    10/Sep/21 09:03:41 #6532030 HIGH 307 XXXXXXX GET /index.php – Excessive user-agent string length (400+ characters) – [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (Linux; Android 9; JSN-L21 Build/HONORJSN-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/93.0.4577.62 Mobile Safari/537.36 [FBAN/EMA;FBLC/cs_CZ…]

    11/Sep/21 10:56:24 #5475105 HIGH 307 XXXXXXX GET /index.php – Excessive user-agent string length (400+ characters) – [SERVER:HTTP_USER_AGENT = Mozilla/5.0 (Linux; Android 8.0.0; AUM-L29 Build/HONORAUM-L29; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/93.0.4577.62 Mobile Safari/537.36 [FBAN/EMA;FBLC/c…]

Viewing 1 replies (of 1 total)
  • Plugin Author nintechnet

    (@nintechnet)

    4 years, 8 months ago

    The firewall will block the user.
    It’s the first time I see a browser with a signature that exceeds 400 characters.
    Go to “Security Rules > Rules Editor”, select rules #307 and click the “Disable it” button. That will disable the rule.

Viewing 1 replies (of 1 total)

The topic ‘Rule 307 – Excessive user-agent string length’ is closed to new replies.