Cloudflare WAF (SQL Injection)
Hi. Recently a web app we have has suffered a SQL injection attack. Fortunately it has not gone further, and has been fine. The issue is that we want to avoid this by using Cloudflare's WAF. How should we configure Cloudflare's WAF, so that it blocks these SQL injection attacks? Thanks
1 Reply
In the Security > WAF > Managed rules section check for the browse rules button and search for SQL related rules. You can change from the default rule action "log" to "block" mode.
It's always good to confirm in the "Events" chart that no legitimate traffic is being blocked by this rule.