RulesRules List

Default Rules

Waffle provides default rules to detect attacks without tuning the rules.
Rules are continuously updated and contributions are welcome.

Default Rules List

RuleDescriptionAction
Detects a known security scannerDetects known security scanners (Nessus, sqlmap, etc)Monitor
Directory Traversal attemptsDetects directory traversal attemptsMonitor
XSS attemptsDetects XSS attemptsMonitor
Sensitive file enumerationDetects sensitive file enumeration attemptsMonitor
SQL Injection attemptsDetects SQL Injection attemptsMonitor
SQL Injection exploitedExploited SQL InjectionBlock
Sensitive file openedDetects sensitive file openedBlock
SSRF exploitedExploited SSRFBlock
Account Takeover detectedDetects account takeover attemptsBlock
Customize Block ResponseCustomizing Rules