Hub WAF rule

More info

vpatch-symfony-profiler WAF Rule

« Symfony Profiler - Exposure »
v0.2 by crowdsecurity
WAF rule

Detect abuse of symfony profiler

Installation

cscli appsec-rules install crowdsecurity/vpatch-symfony-profiler

YAML Configuration

1name: crowdsecurity/vpatch-symfony-profiler
2description: "Detect abuse of symfony profiler"
3rules:
4  - zones:
5    - URI
6    transform:
7    - lowercase
8    match:
9      type: contains
10      value: /_profiler/phpinfo
11  - zones:
12    - URI
13    transform:
14    - lowercase
15    match:
16      type: contains
17      value: /_profiler/open
18labels:
19  type: scan
20  service: http
21  confidence: 3
22  spoofable: 0
23  behavior: "http:scan"
24  label: "Symfony Profiler - Exposure"
25  classification:
26   - attack.T1595
27   - attack.T1190
28

Hub WAF rule

« Symfony Profiler - Exposure »v0.2 by crowdsecurityWAF rule

« Symfony Profiler - Exposure »
v0.2 by crowdsecurity
WAF rule