Report SQL Injections

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @selenasmith,

    There is no specific report for SQL injections, although filtering your Live Traffic by “Blocked by Firewall” can show you occasions when that rule was used to block a request:

    Bulgaria was blocked by firewall for SQL Injection in query string: id=1'%20AND%20(SELECT%201%20FROM%20(SELECT(SLEEP(6)))a)--%20- at https://xxxx.xxx/?rest_route=%2Fh5vp%2Fv1%2Fview%2F1&id=1%27+AND+%28SELECT+1+FROM+%28SELECT%28SLEEP%286%…
    19/06/2024 00:44:18 (11 hours 12 mins ago)

    If you have a use-case where you feel Live Traffic should be filtered by rule, or provide a report on your dashboard for specific types of rule used to block hits to your site, please reach out to feedback @ wordfence . com with a development request.

    Thanks,
    Peter.

    Thread Starter selenasmith

    (@selenasmith)

    Thanks. I’m working with my Info Security team to prove that SQL injections are blocked by WordFence. The Live Traffic “Blocked by Firewall” has several entries but none of them are specifically for blocking SQL injections. Is there a way to export the report to give to the InfoSec team?

    Plugin Support wfpeter

    (@wfpeter)

    Hi @selenasmith,

    Exporting Live Traffic is something we plan to add, although we don’t have a date for this yet. The example of an SQL Injection block is from the Live Traffic on my own test site, so SQL Injections certainly are blocked. You can confirm rules for SQL Injection are active on your site by looking at Wordfence > All Options > Advanced Firewall Options > Rules (“SHOW ALL RULES”)

    Thanks again,
    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Report SQL Injections’ is closed to new replies.