Change filters to use POST instead of GET
We have a website hosted in AWS where we can make Admin Columns PRO to get working because of a security issue. This is what the service provider says:
It has been detected that a security rule is invalidating that request.
https://docs.aws.amazon.com/es_es/waf/latest/developerguide/aws-managed-rule-groups-use-case.html Specifically, it is the SQLi_QUERYARGUMENTS rule:
It uses the built-in AWS WAFSQL Injection Attack Rule Statement function, with the sensitivity level set to Low, to inspect the values of all query parameters for patterns that match malicious SQL code.
These rules cannot be deactivated by security policy of our environments.
Do you know if there’s anything we can do like changing the way the filters work somehow?
You must be logged in to reply to this topic.