May 16, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsShellshock AttackThis policy has been improved to reduce the false-positive rateBlockBlock

May 09, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsCode InjectionThe policy has been improved to reduce false positivesBlockBlock
WAF & OWASP Top ThreatsXSS AttackThe policy has been improved to reduce false positivesBlockBlock

April 24, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
CMS ProtectionWhitelist WordPress AdminThis policy was updated to improve the detection of logged-in WordPress adminsAllowAllow

April 04, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsSQL InjectionThis policy has been updated to improve the detection of conditional SQL injection attemptsBlockBlock
Allow Known BotsThis policy's detection of the following bots has been improved: Workato, New Relic, Ahrefs, and moreAllowAllow

March 21, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
CMS ProtectionWhitelist WordPress AdminThis policy was updated to improve the detection of logged-in WordPress adminsAllowAllow
WAF & OWASP Top ThreatsCode InjectionThis policy has been updated to reduce false positivesBlockBlock
WAF & OWASP Top ThreatsXSS AttackThis policy has been updated to detect additional XSS filtersBlockBlock

February 21, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsObfuscated Attacks and Zero-Day MitigationThis policy’s detection of injection attempts has been improved to reduce the false-positive rateBlockBlock

February 28, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsSQL InjectionThe policy was updated to detect additional SQL and NO-SQL injections and to improve detection accuracyBlockBlock
WAF & OWASP Top ThreatsXSS AttackThe policy has been improved to reduce false positivesBlockBlock
CMS ProtectionWhitelist WordPress admin logged-in usersThis policy was updated to improve the detection of logged-in WordPress adminsAllowAllow
Anti Automation & Bot ProtectionForce Browser Validation on Traffic AnomaliesThis policy has been updated to challenge clients who preset multiple invalid extensions stringCompositeComposite

February 14, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
CMS ProtectionWhitelist WordPress admin logged-in usersThis policy was updated to improve the detection of logged-in WordPress adminsAllowAllow

January 31, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Anti-Automation & Bot ProtectionForced Browser Validation on Traffic AnomaliesThis policy has been improved to mitigate better clients that do not keep a sessionCompositeComposite
WAF & OWASP Top ThreatsXSS AttackThis policy has been improved to reduce false positivesBlockBlock
Edge RulesTags Generating RulesDenial of Inventory attack detection has been added as a means of mitigating hoarder botsTagTag

January 24, 2023

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Anti-Automation & Bot ProtectionAutomated ClientsAutomation detection has been improvedCompositeComposite