Log messages

These are all available block messages.

Message ID
Attack Type
Block Type
Description
WR-SG-BLOCK-108-01
Filter evasion
Multipart Parser
illegal boundary characters "..." found in multipart POST
WR-SG-BLOCK-108-02
Filter evasion
Multipart Parser
multiple content-disposition headers found in multipart POST
WR-SG-BLOCK-108-03
Filter evasion
Multipart Parser
nesting level (...) exceeded in multipart POST
WR-SG-BLOCK-108-04
Filter evasion
Multipart Parser
Syntax Error in multipart POST: no delimiter found in request body "..."
WR-SG-BLOCK-108-05
Filter evasion
Multipart Parser
delimiter found in multipart header "..."
WR-SG-BLOCK-108-06
Filter evasion
Multipart Parser
multiple multipart boundary definitions found in content-type header "..."
WR-SG-BLOCK-108-07
Filter evasion
Multipart Parser
Syntax Error in multipart POST: Error while parsing multipart header "..."
WR-SG-BLOCK-108-08
Filter evasion
Multipart Parser
multipart boundary definition not found in content-type header "..."
WR-SG-BLOCK-108-10
Filter evasion
Multipart Parser
Syntax Error in multipart POST: Missing newline characters ...
WR-SG-BLOCK-108-11
Filter evasion
Multipart Parser
Syntax Error in multipart POST: Missing delimiter
WR-SG-BLOCK-108-20
Unsafe multipart headers
Multipart Parser
Multipart header blacklist rule was triggered by multipart header "..."
WR-SG-BLOCK-108-21
Unsafe multipart headers
Multipart Parser
Multipart header whitelist rule was triggered by multipart header "..."
WR-SG-BLOCK-108-30
Filter evasion
Multipart Parser
Error while decoding multipart content: ...: "..."
WR-SG-BLOCK-108-35
Filter evasion
Multipart Parser
Trailing characters found after encoded content "..."
WR-SG-BLOCK-108-40
Filter evasion
Multipart Parser
Filename was empty but content was not
WR-SG-BLOCK-109-01
Filter evasion
JSON Parser
JSON syntax error message: "..." in ...
WR-SG-BLOCK-109-02
Filter evasion
JSON Parser
Failed to sanitize JSON data (UTF8) in ...
WR-SG-BLOCK-109-03
Filter evasion
JSON Parser
Failed to convert JSON data (from ... to UTF-8) in ...
WR-SG-BLOCK-120-01
URL tampering
URL Encryption
Decryption failed for request URL using passphrase based encryption. URL has been modified by client or was encrypted for a different user session using session based encryption.
WR-SG-BLOCK-120-02
URL tampering
URL Encryption
Decryption failed for request URL using session based encryption. URL has been modified by client.
WR-SG-BLOCK-120-03
URL tampering
URL Encryption
Request URL is not or incorrectly encrypted (unrecognized/wrong encryption mode).
WR-SG-BLOCK-120-04
URL tampering
URL Encryption
Decryption failed for encrypted request URL. URL belongs to an unknown (expired or otherwise different) session or the passphrase has changed.
WR-SG-BLOCK-120-05
URL tampering
URL Encryption
Request URL is PBE encrypted but SBE is configured.
WR-SG-BLOCK-131-01
Filter evasion
Parameter Normalization
Filter notification: parameter normalization failed on data "..." using default charset:... fallback:...
WR-SG-BLOCK-131-02
Filter evasion
Parameter Normalization
Filter notification: parameter normalization failed on data "..." using charset from content-type:...
WR-SG-BLOCK-131-03
Filter evasion
Parameter Normalization
Filter notification: parameter normalization not possible from unsupported charset derived from content-type "..."
WR-SG-BLOCK-131-04
Filter evasion
Parameter Normalization
Filter notification: ... in path "...". UTF-8 is enforced.
WR-SG-BLOCK-131-05
Filter evasion
Parameter Normalization
Filter notification: ... in header "...". UTF-8 is enforced.
WR-SG-BLOCK-131-06
Filter evasion
Parameter Normalization
Filter notification: ... in ... "...". UTF-8 is enforced.
WR-SG-BLOCK-131-07
Filter evasion
Parameter Normalization
Filter notification: Charset encoding "..." found in Content-Type header. UTF-8 is enforced.
WR-SG-BLOCK-135-01
Parameter tampering
URL Encryption
Location parameter "..." with value "..." is invalid: ...
WR-SG-BLOCK-111-00
URL tampering
Allow Rule
no allow rule matched
WR-SG-BLOCK-111-01
Request tampering
Allow Rule
Request IP address ip:... does not match IP pattern "..." , path pattern:"..."
WR-SG-BLOCK-111-06
Request tampering
Allow Rule
Content-Type of request (...) does not match Content-Type pattern "..." , path pattern:"..."
WR-SG-BLOCK-111-05
Request tampering
Allow Rule
HTTP method "..." does not match the method pattern "..."
WR-SG-BLOCK-111-04
Parameter tampering
Allow Rule
Parameter value is not allowed. Value "..." of parameter "..." does not match value pattern "..." , path pattern:"..."
WR-SG-BLOCK-111-08
Parameter tampering
Allow Rule
Parameter "..." is not allowed because there is no parameter rule defined that would match the parameter name. The parameter value would be "..." , path pattern:"..."
WR-SG-BLOCK-111-07
Parameter tampering
Allow Rule
The request must contain a parameter matching pattern "..." , path pattern:"..."
WR-SG-BLOCK-111-20
URL tampering
Parameter Limits
Path has length ..., but at most ... would be allowed
WR-SG-BLOCK-111-21
Parameter tampering
Parameter Limits
There are ... parameters, but at most ... would be allowed
WR-SG-BLOCK-111-22
Parameter tampering
Parameter Limits
Length of parameter name "..." is ... bytes, but at most ... bytes would be allowed
WR-SG-BLOCK-111-23
Parameter tampering
Parameter Limits
Value "..." of parameter "..." contains ... bytes, but at most ... bytes would be allowed
WR-SG-BLOCK-115
<according to rule>
OpenAPI
...
WR-SG-BLOCK-116
<according to rule>
JSON Limits
...
WR-SG-BLOCK-122-00
Parameter tampering
Form Protection
Parameter "..." is illegal according to form signature
WR-SG-BLOCK-122-02
Parameter tampering
Form Protection
Value "..." of parameter "..." is illegal according to form signature
WR-SG-BLOCK-122-03
Parameter tampering
Form Protection
Value length of parameter "..." (... bytes) exceeds maximum allowed length (... bytes).
WR-SG-BLOCK-122-04
Parameter tampering
Form Protection
Form signature ID is invalid.
WR-SG-BLOCK-122-05
Parameter tampering
Form Protection
Value "..." for parameter "..." of type "..." is invalid according to validation pattern "..."
WR-SG-BLOCK-122-06
Parameter tampering
Form Protection
Required parameters {...} have been omitted
WR-SG-BLOCK-130
Cross-site request forgery
CSRF Protection
CSRF attack detected. CSRF token is invalid or missing.
WR-SG-BLOCK-190
Bot access
Bot Management
The client does not support cookies: ...
WR-SG-BLOCK-110-01
<according to rule>
Deny Rule
Deny rule was triggered
WR-SG-BLOCK-112
Unwanted IP
IP Whitelist
IP whitelist did not match
WR-SG-BLOCK-113
<according to rule>
Threat Intelligence
Bad IP detected
WR-SG-BLOCK-114
Blacklisted IP
IP Blacklist
IP blacklist matched
WR-SG-BLOCKDET-110-01
<according to rule>
Deny Rule
Blocked path: "..."
WR-SG-BLOCKDET-110-02
<according to rule>
Deny Rule
Blocked method: "..."
WR-SG-BLOCKDET-110-03
<according to rule>
Deny Rule
Blocked Content-Type: "..."
WR-SG-BLOCKDET-110-04
<according to rule>
Deny Rule
Blocked source-IP: "..."
WR-SG-BLOCKDET-110-05
<according to rule>
Deny Rule
Blocked parameter: "...=..." (...)
WR-SG-BLOCKDET-110-06
<according to rule>
Deny Rule
Blocked header: "...: ..."
WR-SG-BLOCK-140-01
Parameter pollution
HTTP Parameter Pollution
Multiple parameters with the same name "..." and different types (..., ...) found
WR-SG-BLOCK-145
Filter evasion
Web Listener Checks
Maximum request body size exceeded
WR-SG-BLOCK-125
Parameter tampering
DyVE
Parameter "..." with value "..." is illegal according to dynamic value endorsement
WR-SG-BLOCK-150-01
Behaviour anomaly
Client Fingerprinting
Client Fingerprinting: Blocking request
WR-SG-BLOCK-150-02
Behaviour anomaly
Client Fingerprinting
Client Fingerprinting: Blocking request and terminating session
WR-SG-BLOCK-160
Denial of service
DOS Thresholds
Maximum number of allowed requests (...) within ... seconds for this IP (...) reached
WR-SG-BLOCK-180
Recurring Attack
Dynamic IP Blacklist
Blocked due to Dynamic IP blacklist
WR-SG-BLOCK-170
Illegal payload
ICAP
ICAP service "..." at ...:... blocked in REQMOD
WR-SG-BLOCK-161
Denial of service
DOS Thresholds
Maximum number of allowed sessions (...) for this IP reached
WR-SG-BLOCK-155
Behaviour anomaly
Anomaly Shield
Session anomaly detected by Anomaly Shield rule "...". Executing block actions: ...
WR-SG-BLOCK-156
Behaviour anomaly
Anomaly Shield
IP blocked due to previous anomalous behaviour detected by Anomaly Shield rule