Deny Rule Group – (default) Windows Command Injection in Header Value

WINCMD_HEADER_VALUE

  • The group contains deny rules preventing Windows command injections through HTTP header values.

Included Deny Rules

Rule name

Basic

Standard

Strict

(default WIN_015b) Windows command injection in quoted context in HTTP header value

Icon - ON

Icon - ON

(default WIN_020b) Windows command injection in unquoted context in HTTP header value

Icon - ON