Preventing users/bots from trying to inject scripts on website
Good Morning,
This morning we awoke to either a bot or a human trying to inject scripts on to one of our websites. We were able to detect this as our site was throwing error emails to us from the login page.
Can the WatchGuard not detect this type of behavior to prevent it?
Thanks
0
Sign In to comment.
Comments
I was told that the person/bot was using this:
https://github.com/LewisArdern/bXSS
There are many cross site scripting detections in the Intrusion Prevention detection database.
IPS detection is improved for HTTPS traffic if Inspect is being done.
From the docs:
"If you enable IPS for an HTTPS-proxy policy, you must also enable Content Inspection in the HTTPS-proxy action, in order for IPS to scan the HTTPS content."
Configure Intrusion Prevention
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/ips/ips_config_c.html
Thanks for the update!