It provides a protection layer for applications. (Link no longer valid) has details on the process. Azure WAF provides protection of web applications against attack vectors such as bots, cross site scripts etc.(Link no longer valid) has background info Azure Web Application Firewall is a cloud-native service that protects web apps from common web-hacking techniques such as SQL injection and security.It is a long list, too long to describe here but the reference sites might be easier to understand than the raw rules.
Essentially it is looking at the query to see if there is anything suspect in it (comments trying to obfuscate commands, backticks in the wrong place, trying to gain server/host information, etc). Here is a list of reference material that OWASP used to create the rules for SQL injections.
0 kommentar(er)
