Skip to content

App Gateway - OWASP Changelog: 2.2.9 → 3.0

Generated: 05 July 2026 | Base: 2.2.9 | Target: 3.0

Summary: 159 added · 244 removed · 0 changed

Added Rules

Rule ID Rule Group Name Description Action State
800100 Known-CVEs Rule to help detect and mitigate log4j vulnerability - CVE-2021-44228 AnomalyScoring Enabled
800110 Known-CVEs Spring4Shell Interaction Attempt AnomalyScoring Enabled
800111 Known-CVEs Attempted Spring Cloud routing-expression injection - CVE-2022-22963 AnomalyScoring Enabled
800112 Known-CVEs Attempted Spring Framework unsafe class object exploitation - CVE-2022-22965 AnomalyScoring Enabled
800113 Known-CVEs Attempted Spring Cloud Gateway Actuator injection - CVE-2022-22947 AnomalyScoring Enabled
911100 REQUEST-911-METHOD-ENFORCEMENT Method is not allowed by policy AnomalyScoring Enabled
913100 REQUEST-913-SCANNER-DETECTION Found User-Agent associated with security scanner AnomalyScoring Enabled
913101 REQUEST-913-SCANNER-DETECTION Found User-Agent associated with scripting/generic HTTP client AnomalyScoring Enabled
913102 REQUEST-913-SCANNER-DETECTION Found User-Agent associated with web crawler/bot AnomalyScoring Enabled
913110 REQUEST-913-SCANNER-DETECTION Found request header associated with security scanner AnomalyScoring Enabled
913120 REQUEST-913-SCANNER-DETECTION Found request filename/argument associated with security scanner AnomalyScoring Enabled
920100 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid HTTP Request Line AnomalyScoring Enabled
920120 REQUEST-920-PROTOCOL-ENFORCEMENT Attempted multipart/form-data bypass AnomalyScoring Enabled
920130 REQUEST-920-PROTOCOL-ENFORCEMENT Failed to parse request body. AnomalyScoring Enabled
920140 REQUEST-920-PROTOCOL-ENFORCEMENT Multipart request body failed strict validation: PE %{REQBODY_PROCESSOR_ERROR}, BQ %{MULTIPART_BOUNDARY_QUOTED}, BW %{MULTIPART_BOUNDARY_WHITESPACE}, DB %{MULTIPART_DATA_BEFORE}, DA %{MULTIPART_DATA_AFTER}, HF %{MULTIPART_HEADER_FOLDING}, LF %{MULTIPART_LF_LINE}, SM %{MULTIPART_SEMICOLON_MISSING}, IQ %{MULTIPART_INVALID_QUOTING}, IH %{MULTIPART_INVALID_HEADER_FOLDING}, FLE %{MULTIPART_FILE_LIMIT_EXCEEDED} AnomalyScoring Enabled
920160 REQUEST-920-PROTOCOL-ENFORCEMENT Content-Length HTTP header is not numeric. AnomalyScoring Enabled
920170 REQUEST-920-PROTOCOL-ENFORCEMENT GET or HEAD Request with Body Content. AnomalyScoring Enabled
920180 REQUEST-920-PROTOCOL-ENFORCEMENT POST request missing Content-Length Header. AnomalyScoring Enabled
920190 REQUEST-920-PROTOCOL-ENFORCEMENT Range: Invalid Last Byte Value. AnomalyScoring Enabled
920200 REQUEST-920-PROTOCOL-ENFORCEMENT Range: Too many fields (6 or more) AnomalyScoring Enabled
920201 REQUEST-920-PROTOCOL-ENFORCEMENT Range: Too many fields for pdf request (35 or more) AnomalyScoring Enabled
920202 REQUEST-920-PROTOCOL-ENFORCEMENT Range: Too many fields for pdf request (6 or more) AnomalyScoring Enabled
920210 REQUEST-920-PROTOCOL-ENFORCEMENT Multiple/Conflicting Connection Header Data Found. AnomalyScoring Enabled
920220 REQUEST-920-PROTOCOL-ENFORCEMENT URL Encoding Abuse Attack Attempt AnomalyScoring Enabled
920230 REQUEST-920-PROTOCOL-ENFORCEMENT Multiple URL Encoding Detected AnomalyScoring Enabled
920240 REQUEST-920-PROTOCOL-ENFORCEMENT URL Encoding Abuse Attack Attempt AnomalyScoring Enabled
920250 REQUEST-920-PROTOCOL-ENFORCEMENT UTF8 Encoding Abuse Attack Attempt AnomalyScoring Enabled
920260 REQUEST-920-PROTOCOL-ENFORCEMENT Unicode Full/Half Width Abuse Attack Attempt AnomalyScoring Enabled
920270 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid character in request (null character) AnomalyScoring Enabled
920271 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid character in request (non printable characters) AnomalyScoring Enabled
920272 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid character in request (outside of printable chars below ascii 127) AnomalyScoring Enabled
920273 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid character in request (outside of very strict set) AnomalyScoring Enabled
920274 REQUEST-920-PROTOCOL-ENFORCEMENT Invalid character in request headers (outside of very strict set) AnomalyScoring Enabled
920280 REQUEST-920-PROTOCOL-ENFORCEMENT Request Missing a Host Header AnomalyScoring Enabled
920290 REQUEST-920-PROTOCOL-ENFORCEMENT Empty Host Header AnomalyScoring Enabled
920300 REQUEST-920-PROTOCOL-ENFORCEMENT Request Missing an Accept Header AnomalyScoring Enabled
920310 REQUEST-920-PROTOCOL-ENFORCEMENT Request Has an Empty Accept Header AnomalyScoring Enabled
920311 REQUEST-920-PROTOCOL-ENFORCEMENT Request Has an Empty Accept Header AnomalyScoring Enabled
920320 REQUEST-920-PROTOCOL-ENFORCEMENT Missing User Agent Header AnomalyScoring Enabled
920330 REQUEST-920-PROTOCOL-ENFORCEMENT Empty User Agent Header AnomalyScoring Enabled
920340 REQUEST-920-PROTOCOL-ENFORCEMENT Request Containing Content, but Missing Content-Type header AnomalyScoring Enabled
920350 REQUEST-920-PROTOCOL-ENFORCEMENT Host header is a numeric IP address AnomalyScoring Enabled
920420 REQUEST-920-PROTOCOL-ENFORCEMENT Request content type is not allowed by policy AnomalyScoring Enabled
920430 REQUEST-920-PROTOCOL-ENFORCEMENT HTTP protocol version is not allowed by policy AnomalyScoring Enabled
920440 REQUEST-920-PROTOCOL-ENFORCEMENT URL file extension is restricted by policy AnomalyScoring Enabled
920450 REQUEST-920-PROTOCOL-ENFORCEMENT HTTP header is restricted by policy (%{MATCHED_VAR}) AnomalyScoring Enabled
920460 REQUEST-920-PROTOCOL-ENFORCEMENT Abnormal Escape Characters AnomalyScoring Enabled
921100 REQUEST-921-PROTOCOL-ATTACK HTTP Request Smuggling Attack. AnomalyScoring Enabled
921110 REQUEST-921-PROTOCOL-ATTACK HTTP Request Smuggling Attack AnomalyScoring Enabled
921120 REQUEST-921-PROTOCOL-ATTACK HTTP Response Splitting Attack AnomalyScoring Enabled
921130 REQUEST-921-PROTOCOL-ATTACK HTTP Response Splitting Attack AnomalyScoring Enabled
921140 REQUEST-921-PROTOCOL-ATTACK HTTP Header Injection Attack via headers AnomalyScoring Enabled
921150 REQUEST-921-PROTOCOL-ATTACK HTTP Header Injection Attack via payload (CR/LF detected) AnomalyScoring Enabled
921151 REQUEST-921-PROTOCOL-ATTACK HTTP Header Injection Attack via payload (CR/LF detected) AnomalyScoring Enabled
921160 REQUEST-921-PROTOCOL-ATTACK HTTP Header Injection Attack via payload (CR/LF and header-name detected) AnomalyScoring Enabled
921170 REQUEST-921-PROTOCOL-ATTACK HTTP Parameter Pollution AnomalyScoring Enabled
921180 REQUEST-921-PROTOCOL-ATTACK HTTP Parameter Pollution (%{TX.1}) AnomalyScoring Enabled
930100 REQUEST-930-APPLICATION-ATTACK-LFI Path Traversal Attack (/../) AnomalyScoring Enabled
930110 REQUEST-930-APPLICATION-ATTACK-LFI Path Traversal Attack (/../) AnomalyScoring Enabled
930120 REQUEST-930-APPLICATION-ATTACK-LFI OS File Access Attempt AnomalyScoring Enabled
930130 REQUEST-930-APPLICATION-ATTACK-LFI Restricted File Access Attempt AnomalyScoring Enabled
931100 REQUEST-931-APPLICATION-ATTACK-RFI Possible Remote File Inclusion (RFI) Attack: URL Parameter using IP Address AnomalyScoring Enabled
931110 REQUEST-931-APPLICATION-ATTACK-RFI Possible Remote File Inclusion (RFI) Attack: Common RFI Vulnerable Parameter Name used w/URL Payload AnomalyScoring Enabled
931120 REQUEST-931-APPLICATION-ATTACK-RFI Possible Remote File Inclusion (RFI) Attack: URL Payload Used w/Trailing Question Mark Character (?) AnomalyScoring Enabled
931130 REQUEST-931-APPLICATION-ATTACK-RFI Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link AnomalyScoring Enabled
932100 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Unix Command Injection AnomalyScoring Enabled
932105 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Unix Command Injection AnomalyScoring Enabled
932110 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Windows Command Injection AnomalyScoring Enabled
932115 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Windows Command Injection AnomalyScoring Enabled
932120 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Windows PowerShell Command Found AnomalyScoring Enabled
932130 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Unix Shell Expression Found AnomalyScoring Enabled
932140 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Windows FOR/IF Command Found AnomalyScoring Enabled
932150 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Direct Unix Command Execution AnomalyScoring Enabled
932160 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Unix Shell Code Found AnomalyScoring Enabled
932170 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Shellshock (CVE-2014-6271) AnomalyScoring Enabled
932171 REQUEST-932-APPLICATION-ATTACK-RCE Remote Command Execution: Shellshock (CVE-2014-6271) AnomalyScoring Enabled
933100 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Opening/Closing Tag Found AnomalyScoring Enabled
933110 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: PHP Script File Upload Found AnomalyScoring Enabled
933111 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: PHP Script File Upload Found AnomalyScoring Enabled
933120 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Configuration Directive Found AnomalyScoring Enabled
933130 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Variables Found AnomalyScoring Enabled
933131 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Variables Found AnomalyScoring Enabled
933140 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: I/O Stream Found AnomalyScoring Enabled
933150 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: High-Risk PHP Function Name Found AnomalyScoring Enabled
933151 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Medium-Risk PHP Function Name Found AnomalyScoring Enabled
933160 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: High-Risk PHP Function Call Found AnomalyScoring Enabled
933161 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Low-Value PHP Function Call Found AnomalyScoring Enabled
933170 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Serialized Object Injection AnomalyScoring Enabled
933180 REQUEST-933-APPLICATION-ATTACK-PHP PHP Injection Attack: Variable Function Call Found AnomalyScoring Enabled
941100 REQUEST-941-APPLICATION-ATTACK-XSS XSS Attack Detected via libinjection AnomalyScoring Enabled
941110 REQUEST-941-APPLICATION-ATTACK-XSS XSS Filter - Category 1: Script Tag Vector AnomalyScoring Enabled
941120 REQUEST-941-APPLICATION-ATTACK-XSS XSS Filter - Category 2: Event Handler Vector AnomalyScoring Enabled
941130 REQUEST-941-APPLICATION-ATTACK-XSS XSS Filter - Category 3: Attribute Vector AnomalyScoring Enabled
941140 REQUEST-941-APPLICATION-ATTACK-XSS XSS Filter - Category 4: Javascript URI Vector AnomalyScoring Enabled
941150 REQUEST-941-APPLICATION-ATTACK-XSS XSS Filter - Category 5: Disallowed HTML Attributes AnomalyScoring Enabled
941160 REQUEST-941-APPLICATION-ATTACK-XSS NoScript XSS InjectionChecker: HTML Injection AnomalyScoring Enabled
941170 REQUEST-941-APPLICATION-ATTACK-XSS NoScript XSS InjectionChecker: Attribute Injection AnomalyScoring Enabled
941180 REQUEST-941-APPLICATION-ATTACK-XSS Node-Validator Blacklist Keywords AnomalyScoring Enabled
941190 REQUEST-941-APPLICATION-ATTACK-XSS XSS Using style sheets AnomalyScoring Enabled
941200 REQUEST-941-APPLICATION-ATTACK-XSS XSS using VML frames AnomalyScoring Enabled
941210 REQUEST-941-APPLICATION-ATTACK-XSS XSS using obfuscated JavaScript AnomalyScoring Enabled
941220 REQUEST-941-APPLICATION-ATTACK-XSS XSS using obfuscated VB Script AnomalyScoring Enabled
941230 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'embed' tag AnomalyScoring Enabled
941240 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'import' or 'implementation' attribute AnomalyScoring Enabled
941250 REQUEST-941-APPLICATION-ATTACK-XSS IE XSS Filters - Attack Detected. AnomalyScoring Enabled
941260 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'meta' tag AnomalyScoring Enabled
941270 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'link' href AnomalyScoring Enabled
941280 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'base' tag AnomalyScoring Enabled
941290 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'applet' tag AnomalyScoring Enabled
941300 REQUEST-941-APPLICATION-ATTACK-XSS XSS using 'object' tag AnomalyScoring Enabled
941310 REQUEST-941-APPLICATION-ATTACK-XSS US-ASCII Malformed Encoding XSS Filter - Attack Detected. AnomalyScoring Enabled
941320 REQUEST-941-APPLICATION-ATTACK-XSS Possible XSS Attack Detected - HTML Tag Handler AnomalyScoring Enabled
941330 REQUEST-941-APPLICATION-ATTACK-XSS IE XSS Filters - Attack Detected. AnomalyScoring Enabled
941340 REQUEST-941-APPLICATION-ATTACK-XSS IE XSS Filters - Attack Detected. AnomalyScoring Enabled
941350 REQUEST-941-APPLICATION-ATTACK-XSS UTF-7 Encoding IE XSS - Attack Detected. AnomalyScoring Enabled
942100 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack Detected via libinjection AnomalyScoring Enabled
942110 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack: Common Injection Testing Detected AnomalyScoring Enabled
942120 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack: SQL Operator Detected AnomalyScoring Enabled
942130 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack: SQL Tautology Detected. AnomalyScoring Enabled
942140 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack: Common DB Names Detected AnomalyScoring Enabled
942150 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack AnomalyScoring Enabled
942160 REQUEST-942-APPLICATION-ATTACK-SQLI Detects blind sqli tests using sleep() or benchmark(). AnomalyScoring Enabled
942170 REQUEST-942-APPLICATION-ATTACK-SQLI Detects SQL benchmark and sleep injection attempts including conditional queries AnomalyScoring Enabled
942180 REQUEST-942-APPLICATION-ATTACK-SQLI Detects basic SQL authentication bypass attempts ⅓ AnomalyScoring Enabled
942190 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MSSQL code execution and information gathering attempts AnomalyScoring Enabled
942200 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MySQL comment-/space-obfuscated injections and backtick termination AnomalyScoring Enabled
942210 REQUEST-942-APPLICATION-ATTACK-SQLI Detects chained SQL injection attempts ½ AnomalyScoring Enabled
942220 REQUEST-942-APPLICATION-ATTACK-SQLI Looking for intiger overflow attacks, these are taken from skipfish, except 3.0.00738585072007e-308 is the \"magic number\" crash AnomalyScoring Enabled
942230 REQUEST-942-APPLICATION-ATTACK-SQLI Detects conditional SQL injection attempts AnomalyScoring Enabled
942240 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MySQL charset switch and MSSQL DoS attempts AnomalyScoring Enabled
942250 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MATCH AGAINST, MERGE and EXECUTE IMMEDIATE injections AnomalyScoring Enabled
942251 REQUEST-942-APPLICATION-ATTACK-SQLI Detects HAVING injections AnomalyScoring Enabled
942260 REQUEST-942-APPLICATION-ATTACK-SQLI Detects basic SQL authentication bypass attempts ⅔ AnomalyScoring Enabled
942270 REQUEST-942-APPLICATION-ATTACK-SQLI Looking for basic sql injection. Common attack string for mysql, oracle and others. AnomalyScoring Enabled
942280 REQUEST-942-APPLICATION-ATTACK-SQLI Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts AnomalyScoring Enabled
942290 REQUEST-942-APPLICATION-ATTACK-SQLI Finds basic MongoDB SQL injection attempts AnomalyScoring Enabled
942300 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MySQL comments, conditions and ch(a)r injections AnomalyScoring Enabled
942310 REQUEST-942-APPLICATION-ATTACK-SQLI Detects chained SQL injection attempts 2/2 AnomalyScoring Enabled
942320 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MySQL and PostgreSQL stored procedure/function injections AnomalyScoring Enabled
942330 REQUEST-942-APPLICATION-ATTACK-SQLI Detects classic SQL injection probings ½ AnomalyScoring Enabled
942340 REQUEST-942-APPLICATION-ATTACK-SQLI Detects basic SQL authentication bypass attempts 3/3 AnomalyScoring Enabled
942350 REQUEST-942-APPLICATION-ATTACK-SQLI Detects MySQL UDF injection and other data/structure manipulation attempts AnomalyScoring Enabled
942360 REQUEST-942-APPLICATION-ATTACK-SQLI Detects concatenated basic SQL injection and SQLLFI attempts AnomalyScoring Enabled
942370 REQUEST-942-APPLICATION-ATTACK-SQLI Detects classic SQL injection probings 2/2 AnomalyScoring Enabled
942380 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack AnomalyScoring Enabled
942390 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack AnomalyScoring Enabled
942400 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack AnomalyScoring Enabled
942410 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Injection Attack AnomalyScoring Enabled
942420 REQUEST-942-APPLICATION-ATTACK-SQLI Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded (8) AnomalyScoring Enabled
942421 REQUEST-942-APPLICATION-ATTACK-SQLI Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded (3) AnomalyScoring Enabled
942430 REQUEST-942-APPLICATION-ATTACK-SQLI Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12) AnomalyScoring Enabled
942431 REQUEST-942-APPLICATION-ATTACK-SQLI Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (6) AnomalyScoring Enabled
942432 REQUEST-942-APPLICATION-ATTACK-SQLI Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (2) AnomalyScoring Enabled
942440 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Comment Sequence Detected. AnomalyScoring Enabled
942450 REQUEST-942-APPLICATION-ATTACK-SQLI SQL Hex Encoding Identified AnomalyScoring Enabled
942460 REQUEST-942-APPLICATION-ATTACK-SQLI Meta-Character Anomaly Detection Alert - Repetitive Non-Word Characters AnomalyScoring Enabled
943100 REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION Possible Session Fixation Attack: Setting Cookie Values in HTML AnomalyScoring Enabled
943110 REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION Possible Session Fixation Attack: SessionID Parameter Name with Off-Domain Referer AnomalyScoring Enabled
943120 REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION Possible Session Fixation Attack: SessionID Parameter Name with No Referer AnomalyScoring Enabled

Removed Rules

Rule ID Rule Group Name Description Action State
950000 crs_40_generic_attacks Session Fixation AnomalyScoring Enabled
950001 crs_41_sql_injection_attacks SQL Injection Attack AnomalyScoring Enabled
950002 crs_40_generic_attacks System Command Access AnomalyScoring Enabled
950003 crs_40_generic_attacks Session Fixation AnomalyScoring Enabled
950005 crs_40_generic_attacks Remote File Access Attempt AnomalyScoring Enabled
950006 crs_40_generic_attacks System Command Injection AnomalyScoring Enabled
950007 crs_41_sql_injection_attacks Blind SQL Injection Attack AnomalyScoring Enabled
950008 crs_40_generic_attacks Injection of Undocumented ColdFusion Tags AnomalyScoring Enabled
950009 crs_40_generic_attacks Session Fixation Attack AnomalyScoring Enabled
950010 crs_40_generic_attacks LDAP Injection Attack AnomalyScoring Enabled
950011 crs_40_generic_attacks SSI injection Attack AnomalyScoring Enabled
950012 crs_40_generic_attacks HTTP Request Smuggling Attack. AnomalyScoring Enabled
950018 crs_40_generic_attacks Universal PDF XSS URL Detected. AnomalyScoring Enabled
950019 crs_40_generic_attacks Email Injection Attack AnomalyScoring Enabled
950103 crs_42_tight_security Path Traversal Attack AnomalyScoring Enabled
950107 crs_20_protocol_violations URL Encoding Abuse Attack Attempt AnomalyScoring Enabled
950108 crs_20_protocol_violations URL Encoding Abuse Attack Attempt AnomalyScoring Enabled
950109 crs_20_protocol_violations Multiple URL Encoding Detected AnomalyScoring Enabled
950110 crs_45_trojans Backdoor access AnomalyScoring Enabled
950116 crs_20_protocol_violations Unicode Full/Half Width Abuse Attack Attempt AnomalyScoring Enabled
950117 crs_40_generic_attacks Remote File Inclusion Attack AnomalyScoring Enabled
950118 crs_40_generic_attacks Remote File Inclusion Attack AnomalyScoring Enabled
950119 crs_40_generic_attacks Remote File Inclusion Attack AnomalyScoring Enabled
950120 crs_40_generic_attacks Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link AnomalyScoring Enabled
950801 crs_20_protocol_violations UTF8 Encoding Abuse Attack Attempt AnomalyScoring Enabled
950901 crs_41_sql_injection_attacks SQL Injection Attack: SQL Tautology Detected. AnomalyScoring Enabled
950907 crs_40_generic_attacks System Command Injection AnomalyScoring Enabled
950908 crs_41_sql_injection_attacks SQL Injection Attack. AnomalyScoring Enabled
950910 crs_40_generic_attacks HTTP Response Splitting Attack AnomalyScoring Enabled
950911 crs_40_generic_attacks HTTP Response Splitting Attack AnomalyScoring Enabled
950921 crs_45_trojans Backdoor access AnomalyScoring Enabled
958000 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958001 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958002 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958003 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958004 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958005 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958006 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958007 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958008 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958009 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958010 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958011 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958012 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958013 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958016 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958017 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958018 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958019 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958020 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958022 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958023 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958024 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958025 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958026 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958027 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958028 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958030 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958031 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958032 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958033 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958034 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958036 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958037 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958038 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958039 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958040 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958041 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958045 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958046 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958047 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958049 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958051 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958052 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958054 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958056 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958057 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958059 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958230 crs_20_protocol_violations Range: Invalid Last Byte Value. AnomalyScoring Enabled
958231 crs_20_protocol_violations Range: Too many fields AnomalyScoring Enabled
958291 crs_20_protocol_violations Range: field exists and begins with 0. AnomalyScoring Enabled
958295 crs_20_protocol_violations Multiple/Conflicting Connection Header Data Found. AnomalyScoring Enabled
958404 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958405 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958406 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958407 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958408 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958409 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958410 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958411 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958412 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958413 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958414 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958415 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958416 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958417 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958418 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958419 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958420 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958421 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958422 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958423 crs_41_xss_attacks Cross-site Scripting (XSS) Attack AnomalyScoring Enabled
958976 crs_40_generic_attacks PHP Injection Attack AnomalyScoring Enabled
958977 crs_40_generic_attacks PHP Injection Attack AnomalyScoring Enabled
959070 crs_41_sql_injection_attacks SQL Injection Attack AnomalyScoring Enabled
959071 crs_41_sql_injection_attacks SQL Injection Attack AnomalyScoring Enabled
959072 crs_41_sql_injection_attacks SQL Injection Attack AnomalyScoring Enabled
959073 crs_41_sql_injection_attacks SQL Injection Attack AnomalyScoring Enabled
959151 crs_40_generic_attacks PHP Injection Attack AnomalyScoring Enabled
960000 crs_20_protocol_violations Attempted multipart/form-data bypass AnomalyScoring Enabled
960006 crs_21_protocol_anomalies Empty User Agent Header AnomalyScoring Enabled
960007 crs_21_protocol_anomalies Empty Host Header AnomalyScoring Enabled
960008 crs_21_protocol_anomalies Request Missing a Host Header AnomalyScoring Enabled
960009 crs_21_protocol_anomalies Request Missing a User Agent Header AnomalyScoring Enabled
960010 crs_30_http_policy Request content type is not allowed by policy AnomalyScoring Enabled
960011 crs_20_protocol_violations GET or HEAD Request with Body Content. AnomalyScoring Enabled
960012 crs_20_protocol_violations POST request missing Content-Length Header. AnomalyScoring Enabled
960015 crs_21_protocol_anomalies Request Missing an Accept Header AnomalyScoring Enabled
960016 crs_20_protocol_violations Content-Length HTTP header is not numeric. AnomalyScoring Enabled
960017 crs_21_protocol_anomalies Host header is a numeric IP address AnomalyScoring Enabled
960018 crs_20_protocol_violations Invalid character in request AnomalyScoring Enabled
960020 crs_20_protocol_violations Pragma Header requires Cache-Control Header for HTTP/1.1 requests. AnomalyScoring Enabled
960021 crs_21_protocol_anomalies Request Has an Empty Accept Header AnomalyScoring Enabled
960022 crs_20_protocol_violations Expect Header Not Allowed for HTTP 1.0. AnomalyScoring Enabled
960024 crs_40_generic_attacks Meta-Character Anomaly Detection Alert - Repetative Non-Word Characters AnomalyScoring Enabled
960032 crs_30_http_policy Method is not allowed by policy AnomalyScoring Enabled
960034 crs_30_http_policy HTTP protocol version is not allowed by policy AnomalyScoring Enabled
960035 crs_30_http_policy URL file extension is restricted by policy AnomalyScoring Enabled
960038 crs_30_http_policy HTTP header is restricted by policy AnomalyScoring Enabled
960208 crs_23_request_limits Argument value too long AnomalyScoring Enabled
960209 crs_23_request_limits Argument name too long AnomalyScoring Enabled
960335 crs_23_request_limits Too many arguments in request AnomalyScoring Enabled
960341 crs_23_request_limits Total arguments size exceeded AnomalyScoring Enabled
960342 crs_23_request_limits Uploaded file size too large AnomalyScoring Enabled
960343 crs_23_request_limits Total uploaded files size too large AnomalyScoring Enabled
960901 crs_20_protocol_violations Invalid character in request AnomalyScoring Enabled
960902 crs_20_protocol_violations Invalid Use of Identity Encoding. AnomalyScoring Enabled
960904 crs_21_protocol_anomalies Request Containing Content, but Missing Content-Type header AnomalyScoring Enabled
960911 crs_20_protocol_violations Invalid HTTP Request Line AnomalyScoring Enabled
960912 crs_20_protocol_violations Failed to parse request body. AnomalyScoring Enabled
960914 crs_20_protocol_violations Multipart request body failed strict validation: PE %{REQBODY_PROCESSOR_ERROR}, BQ %{MULTIPART_BOUNDARY_QUOTED}, BW %{MULTIPART_BOUNDARY_WHITESPACE}, DB %{MULTIPART_DATA_BEFORE}, DA %{MULTIPART_DATA_AFTER}, HF %{MULTIPART_HEADER_FOLDING}, LF %{MULTIPART_LF_LINE}, SM %{MULTIPART_SEMICOLON_MISSING}, IQ %{MULTIPART_INVALID_QUOTING}, IH %{MULTIPART_INVALID_HEADER_FOLDING}, FLE %{MULTIPART_FILE_LIMIT_EXCEEDED} AnomalyScoring Enabled
960915 crs_20_protocol_violations Multipart parser detected a possible unmatched boundary. AnomalyScoring Enabled
973300 crs_41_xss_attacks Possible XSS Attack Detected - HTML Tag Handler AnomalyScoring Enabled
973301 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973302 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973303 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973304 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973305 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973306 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973307 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973308 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973309 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973310 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973311 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973312 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973313 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973314 crs_41_xss_attacks XSS Attack Detected AnomalyScoring Enabled
973315 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973316 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973317 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973318 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973319 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973320 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973321 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973322 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973323 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973324 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973325 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973326 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973327 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973328 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973329 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973330 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973331 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973332 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973333 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973334 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973335 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973336 crs_41_xss_attacks XSS Filter - Category 1: Script Tag Vector AnomalyScoring Enabled
973337 crs_41_xss_attacks XSS Filter - Category 2: Event Handler Vector AnomalyScoring Enabled
973338 crs_41_xss_attacks XSS Filter - Category 3: Javascript URI Vector AnomalyScoring Enabled
973344 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973345 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973346 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973347 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
973348 crs_41_xss_attacks IE XSS Filters - Attack Detected. AnomalyScoring Enabled
981018 crs_41_xss_attacks Rule 981018 AnomalyScoring Enabled
981133 crs_40_generic_attacks Rule 981133 AnomalyScoring Enabled
981134 crs_40_generic_attacks Rule 981134 AnomalyScoring Enabled
981136 crs_41_xss_attacks Rule 981136 AnomalyScoring Enabled
981172 crs_41_sql_injection_attacks Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded AnomalyScoring Enabled
981173 crs_41_sql_injection_attacks Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded AnomalyScoring Enabled
981175 crs_49_inbound_blocking Inbound Attack Targeting OSVDB Flagged Resource. AnomalyScoring Enabled
981176 crs_49_inbound_blocking Inbound Anomaly Score Exceeded (Total Score: %{TX.ANOMALY_SCORE}, SQLi=%{TX.SQL_INJECTION_SCORE}, XSS=%{TX.XSS_SCORE}): Last Matched Message: %{tx.msg} AnomalyScoring Enabled
981227 crs_20_protocol_violations Apache Error: Invalid URI in Request. AnomalyScoring Enabled
981231 crs_41_sql_injection_attacks SQL Comment Sequence Detected. AnomalyScoring Enabled
981240 crs_41_sql_injection_attacks Detects MySQL comments, conditions and ch(a)r injections AnomalyScoring Enabled
981241 crs_41_sql_injection_attacks Detects conditional SQL injection attempts AnomalyScoring Enabled
981242 crs_41_sql_injection_attacks Detects classic SQL injection probings ½ AnomalyScoring Enabled
981243 crs_41_sql_injection_attacks Detects classic SQL injection probings 2/2 AnomalyScoring Enabled
981244 crs_41_sql_injection_attacks Detects basic SQL authentication bypass attempts ⅓ AnomalyScoring Enabled
981245 crs_41_sql_injection_attacks Detects basic SQL authentication bypass attempts ⅔ AnomalyScoring Enabled
981246 crs_41_sql_injection_attacks Detects basic SQL authentication bypass attempts 3/3 AnomalyScoring Enabled
981247 crs_41_sql_injection_attacks Detects concatenated basic SQL injection and SQLLFI attempts AnomalyScoring Enabled
981248 crs_41_sql_injection_attacks Detects chained SQL injection attempts ½ AnomalyScoring Enabled
981249 crs_41_sql_injection_attacks Detects chained SQL injection attempts 2/2 AnomalyScoring Enabled
981250 crs_41_sql_injection_attacks Detects SQL benchmark and sleep injection attempts including conditional queries AnomalyScoring Enabled
981251 crs_41_sql_injection_attacks Detects MySQL UDF injection and other data/structure manipulation attempts AnomalyScoring Enabled
981252 crs_41_sql_injection_attacks Detects MySQL charset switch and MSSQL DoS attempts AnomalyScoring Enabled
981253 crs_41_sql_injection_attacks Detects MySQL and PostgreSQL stored procedure/function injections AnomalyScoring Enabled
981254 crs_41_sql_injection_attacks Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts AnomalyScoring Enabled
981255 crs_41_sql_injection_attacks Detects MSSQL code execution and information gathering attempts AnomalyScoring Enabled
981256 crs_41_sql_injection_attacks Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections AnomalyScoring Enabled
981257 crs_41_sql_injection_attacks Detects MySQL comment-/space-obfuscated injections and backtick termination AnomalyScoring Enabled
981260 crs_41_sql_injection_attacks SQL Hex Encoding Identified AnomalyScoring Enabled
981270 crs_41_sql_injection_attacks Finds basic MongoDB SQL injection attempts AnomalyScoring Enabled
981272 crs_41_sql_injection_attacks Detects blind sqli tests using sleep() or benchmark(). AnomalyScoring Enabled
981276 crs_41_sql_injection_attacks Looking for basic sql injection. Common attack string for mysql, oracle and others. AnomalyScoring Enabled
981277 crs_41_sql_injection_attacks Looking for integer overflow attacks, these are taken from skipfish, except 2.2.90738585072007e-308 is the \"magic number\" crash AnomalyScoring Enabled
981300 crs_41_sql_injection_attacks Rule 981300 AnomalyScoring Enabled
981301 crs_41_sql_injection_attacks Rule 981301 AnomalyScoring Enabled
981302 crs_41_sql_injection_attacks Rule 981302 AnomalyScoring Enabled
981303 crs_41_sql_injection_attacks Rule 981303 AnomalyScoring Enabled
981304 crs_41_sql_injection_attacks Rule 981304 AnomalyScoring Enabled
981305 crs_41_sql_injection_attacks Rule 981305 AnomalyScoring Enabled
981306 crs_41_sql_injection_attacks Rule 981306 AnomalyScoring Enabled
981307 crs_41_sql_injection_attacks Rule 981307 AnomalyScoring Enabled
981308 crs_41_sql_injection_attacks Rule 981308 AnomalyScoring Enabled
981309 crs_41_sql_injection_attacks Rule 981309 AnomalyScoring Enabled
981310 crs_41_sql_injection_attacks Rule 981310 AnomalyScoring Enabled
981311 crs_41_sql_injection_attacks Rule 981311 AnomalyScoring Enabled
981312 crs_41_sql_injection_attacks Rule 981312 AnomalyScoring Enabled
981313 crs_41_sql_injection_attacks Rule 981313 AnomalyScoring Enabled
981314 crs_41_sql_injection_attacks Rule 981314 AnomalyScoring Enabled
981315 crs_41_sql_injection_attacks Rule 981315 AnomalyScoring Enabled
981316 crs_41_sql_injection_attacks Rule 981316 AnomalyScoring Enabled
981317 crs_41_sql_injection_attacks SQL SELECT Statement Anomaly Detection Alert AnomalyScoring Enabled
981318 crs_41_sql_injection_attacks SQL Injection Attack: Common Injection Testing Detected AnomalyScoring Enabled
981319 crs_41_sql_injection_attacks SQL Injection Attack: SQL Operator Detected AnomalyScoring Enabled
981320 crs_41_sql_injection_attacks SQL Injection Attack: Common DB Names Detected AnomalyScoring Enabled
990002 crs_35_bad_robots Request Indicates a Security Scanner Scanned the Site AnomalyScoring Enabled
990012 crs_35_bad_robots Rogue web site crawler AnomalyScoring Enabled
990901 crs_35_bad_robots Request Indicates a Security Scanner Scanned the Site AnomalyScoring Enabled
990902 crs_35_bad_robots Request Indicates a Security Scanner Scanned the Site AnomalyScoring Enabled

Changed Rules

No rules changed.