← HeatShield Docs

ModSecurity CRS Rule Group 942 Application Attack SQLi

Checks for application attacks using SQL injections.

View rules on GitHub.

Rules

942330	Detects classic SQL injection probings 1/3

942430	SAP CRM Java vulnerability CVE-2018-2380

942490	Detects classic SQL injection probings 3/3

942340	Detects basic SQL authentication bypass attempts 3/3

942350	Detects MySQL UDF injection and other data/structure manipulation attempts

942361	rule is a stricter sibling of 942360

942320	Detects MySQL and PostgreSQL stored procedure/function injections

942480	SQL Injection Attack

942400	SQL Injection Attack

942140	Detect DB Names

942251	SQL HAVING queries

942421	Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded (3)

942440	Detect SQL Comment Sequences

942200	SAP CRM Java vulnerability CVE-2018-2380

942240	Detects MySQL charset switch and MSSQL DoS attempts

942270	Looking for basic sql injection.

942220	Looking for integer overflow attacks

942432	Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (2)

942410	SQL Injection Attack

942120	SAP CRM Java vulnerability CVE-2018-2380

942250	Detects MATCH AGAINST, MERGE and EXECUTE IMMEDIATE injections

942290	Finds basic MongoDB SQL injection attempts

942170	Detects SQL benchmark and sleep injection attempts including conditional queries

942160	Detects blind sqli tests using sleep() or benchmark()

942500	Detects MySQL in-line comments that can be used to bypass SQLi detection

942280	Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts

942310	Detects chained SQL injection attempts 2/2

942431	AP CRM Java vulnerability CVE-2018-2380

942100	LibInjection Check

942380	SQL Injection Attack

942370	This rule is a sibling of 942330. See that rule for a description and overview

942180	Detects basic SQL authentication bypass attempts 1/3

942470	SQL Injection Attack

942150	SAP CRM Java vulnerability CVE-2018-2380

942210	SAP CRM Java vulnerability CVE-2018-2380

942260	Detects basic SQL authentication bypass attempts 2/3

942300	Detects MySQL comments, conditions and ch(a)r injections

942190	Detects MSSQL code execution and information gathering attempts

942360	Detects concatenated basic SQL injection and SQLLFI attempts

942230	Detects conditional SQL injection attempts

942420	SQL Injection Character Anomaly Usage

942450	SQL Hex Evasion Methods

942130	SQL Tautology detection

942110	Identifies common initial SQLi probing requests where attackers insert/append quote characters to the existing normal payload to see how the app/db responds

942460	This rule attempts to identify when multiple (4 or more) non-word characters are repeated in sequence.

942390	SQL Injection Attack

Advanced security for your WordPress sites