May 17, 2022
Posted by ReadMe API 6 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | XSS Attack | This policy has been updated to improve protection against additional attack vectors and to reduce the false-positive rate | Block | Block |
| WAF & OWASP Top Threats | Shell Injection | This policy has been improved to reduce the false-positive rate | Block | Block |
| WAF & OWASP Top Threats | Common Web Application Vulnerabilities | This policy has been improved to reduce the false-positive rate | Block | Block |
April 26, 2022
Posted by ReadMe API 27 days ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Allow Known Bots | Testomato Bot | Testomato bot was added to the Known Bots ruleset | NA | Allow |
April 19, 2022
Posted by ReadMe API about 1 month ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | XSS Attack | This policy has been updated to improve protection against additional attack vectors | Block | Block |
| IP Reputation | Traffic From Hosting Services | This policy has been updated with additional hosting services | JS Validation | JS Validation |
April 12, 2022
Posted by ReadMe API about 1 month ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Obfuscated Attacks and Zero-Day Mitigation | The policy’s detection of injection attempts has been improved to reduce the false-positive rate | Block | Block |
| IP Reputation | Traffic From Hosting Services | This policy has been updated with additional hosting services | JS Validation | JS Validation |
April 05, 2022
Posted by ReadMe API about 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Behavioral WAF | Anti-Spam | This policy has been updated to reduce false positives with the Microsoft Auto Discover Office service | Composite | Composite |
| Protocol Validation | HTTP Method Validation | Introducing a new policy to block non-standard HTTP methods | NA | Block |
| WAF & OWASP Top Threats | Code Injection | The policy is now covering the Spring4shell vulnerability | Block | Block |
March 22, 2022
Posted by ReadMe API 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| IP Reputation | Traffic Via CDNs | A new policy has been added, Traffic via CDNs, that validates (JavaScript validation) traffic from IP addresses originating from CDN companies | N/A | JS Validation |
March 15, 2022
Posted by ReadMe API 2 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Allow Known Bots | Improved detection of Microsoft and Google bots and services | Allow | Allow |
March 08, 2022
Posted by ReadMe API 3 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Obfuscated Attacks and Zero-Day Mitigation | Policy’s detection of injection attempts has been improved | Block | Block |
March 01, 2022
Posted by ReadMe API 3 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| WAF & OWASP Top Threats | Code Injection | This policy now covers additional XPath injection attacks | Block | Block |
| WAF & OWASP Top Threats | XSS Attack | This policy now covers additional XSS tag vectors | Block | Block |
February 22, 2022
Posted by ReadMe API 3 months ago
| Ruleset | Policy | Description of Update | Previous Action | New Action |
|---|---|---|---|---|
| Behavioral WAF (advanced threat protection) | Probing and Forced Browsing | Detection of mechanical requests on Ajax endpoints was improved | Composite | Composite |