System WAF Rules

System WAF rules are rules downloaded from UserGate servers automatically after license activation. System rules are displayed in the web interface for viewing only and cannot be edited. For quick search, there is a filter and sorting by fields in the rules table. The layers are grouped by attack type.

Field name

API field name

Description

Protection level

threat_level

The protection level of this rule

  • 1 (very low)
  • 2 (low)
  • 3 (medium)
  • 4 (high)
  • 5 (very high)

Rule ID

id

The rule ID.

Name

name

The name of the rule.

Description

A description of the rule.

Link

refs

Links to external resources with descriptions of vulnerabilities.

Last update

date

The last time the rule was updated on UserGate servers.

System WAF layers

layer

The system layer to which the rule applies. System rules are grouped by types of known vulnerabilities:

  • Abuse of Functionality.
  • Authentication/Authorization Attacks.
  • Buffer Overflow.
  • Command Execution.
  • Denial of Service.
  • Detection Evasion.
  • Directory Indexing.
  • HTTP Parser Attack.
  • HTTP Response Splitting.
  • Information Leakage.
  • LDAP Injection attempt.
  • SQL-injection.
  • Malicious File Upload.
  • Microsoft OWA.
  • Other Application Attacks.
  • Path Traversal.
  • Predictable Resource Location.
  • Remote File Include.
  • Server Side Code Injection.
  • Session Hijacking.
  • Trojan/Backdoor/Spyware.
  • Vulnerability Scan.
  • XPath Injection.
  • Cross site scripting (XSS).
  • XML External Entity (XXE).