Web Application Firewall Detected

info Web App Scanning Plugin ID 98008

Synopsis

Web Application Firewall Detected

Description

A Web Application Firewall (WAF) has been detected during the scan. A WAF is designed to help protecting web applications by monitoring and filtering HTTP(S) traffic through a set of rules in order to prevent the most common attacks.

. The identified WAF may have blocked several requests during the vulnerability assessment or have declined access to some resources of the web application during the scan (blocked URLs have been provided in the plugin attachments).

It is recommended to scan the web application by ensuring that the traffic coming from the scanner is allowed by the WAF in order to get the most accurate coverage of the target application vulnerabilities. If needed, the Tenable WAS documentation defines the scanners IP ranges to be allowed in the WAF configuration.

See Also

https://docs.tenable.com/vulnerability-management/Content/Settings/Sensors/CloudSensors.htm

https://owasp.org/www-community/Web_Application_Firewall

Plugin Details

Severity: Info

ID: 98008

Type: remote

Family: General

Published: 7/18/2022

Updated: 6/5/2024