False Positive Rule ID 67.

[CryptoCurrencyflorI]

Why does Rule ID 67 keep triggering false positives, and how can we adjust the rule to prevent this from happening in the future?

 

[rr]

Why does Rule ID 67 keep triggering false positives, and how can we adjust the rule to prevent this from happening in the future?

Hello,

The block in CE version occurred regarding ../ occurence in your request in any HTTP zone.

If it's a false positive, you can whitelist the rule. Find relevant examples here: Creating a signature exclusion rule. Or use Nemesida WAF with Machine Learning module for automatic adaptation for your WebApp.

The full set of Nemesida WAF signatures is available here: rlinfo.nemesida-security.com