AWS waf medium security documentation change
Summary
Added documentation for SQLi_URIPATH managed rule group that inspects cookie headers for SQL injection patterns
Security assessment
This directly documents a security feature designed to mitigate SQL injection attacks (OWASP Top 10 risk). The rule's explicit purpose is to block a common web application security vulnerability.
Diff
diff --git a/waf/latest/developerguide/aws-managed-rule-groups-use-case.md b/waf/latest/developerguide/aws-managed-rule-groups-use-case.md index 5088c7321..764bcbddb 100644 --- a//waf/latest/developerguide/aws-managed-rule-groups-use-case.md +++ b//waf/latest/developerguide/aws-managed-rule-groups-use-case.md @@ -45,0 +46 @@ This rule only inspects the request body up to the body size limit for the prote +`SQLi_URIPATH` | Uses the built-in AWS WAF [SQL injection attack rule statement](./waf-rule-statement-type-sqli-match.html), with sensitivity level set to Low, to inspect the request cookie headers for patterns that match malicious SQL code. Rule action: Block Label: `awswaf:managed:aws:sql-database:SQLi_URIPath`