# WAF Rule ID 373169  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372169  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372241  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372331  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372365  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372746  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372747  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 376425  

***  

**Alert message:** Atomicorp.com WAF Rules:  Joomla Media Manager File Upload Bypass Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules:  Joomla Media Manager File Upload Bypass Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 376415  

***  

**Alert message:** Atomicorp.com WAF Rules:  W3TC Total Cache Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules:  W3TC Total Cache Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 376315  

***  

**Alert message:** Atomicorp.com WAF Rules: Deans with pwwangs code plugin Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Deans with pwwangs code plugin Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 376314  

***  

**Alert message:** Atomicorp.com WAF Rules: FCKeditor Vulnerable Upload Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: FCKeditor Vulnerable Upload Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371314  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371761  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371689  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371320  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371983  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371918  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371853  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371545  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372593  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372528  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372320  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372341  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372328  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372431  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372587  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372619  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372633  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372732  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372750  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372753  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372754  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372658  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372766  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372797  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372824  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372862  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321314  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321320  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372240  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372246  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372276  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372007  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372008  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371172  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372850  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372715  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372724  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372779  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372790  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372755  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372764  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372840  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371008  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371016  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371025  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371196  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371244  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371400  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371559  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371567  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371568  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371577  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371583  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371598  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371600  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371605  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371632  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371671  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371679  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371687  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321689  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371694  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371697  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371701  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371704  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321761  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350005  

***  

**Alert message:** Atomicorp.com WAF Rules: tiki-edit Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: tiki-edit Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350007  

***  

**Alert message:** Atomicorp.com WAF Rules: edit_blog.php Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: edit_blog.php Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350015  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350017  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350019  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350020  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350029  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321008  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321016  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321025  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371156  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371242  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371243  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371245  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371254  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371257  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371258  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371286  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371330  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371343  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371399  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371403  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371431  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371449  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371450  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371451  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371552  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371561  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371565  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371566  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372258  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372272  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372273  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372318  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372367  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372379  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372417  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372420  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372422  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372441  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372455  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372494  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372496  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372499  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372514  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372534  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372549  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372554  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372562  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372566  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372574  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372581  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372583  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372586  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372589  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372598  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372671  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372677  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372686  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372692  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372693  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350003  

***  

**Alert message:** Atomicorp.com WAF Rules: PHPFreeNews Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: PHPFreeNews Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371888  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371939  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371947  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371948  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371953  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371970  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371975  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371997  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372013  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372017  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372018  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372021  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372022  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372023  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372057  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372096  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372099  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372146  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372255  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350004  

***  

**Alert message:** Atomicorp.com WAF Rules: /cgi-bin/guery Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: /cgi-bin/guery Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350006  

***  

**Alert message:** Atomicorp.com WAF Rules: wps_shop.cgi Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: wps_shop.cgi Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 351008  

***  

**Alert message:** Atomicorp.com WAF Rules: passwd.txt Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: passwd.txt Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350008  

***  

**Alert message:** Atomicorp.com WAF Rules: admin.mdb Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: admin.mdb Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350011  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350014  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350021  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350024  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350026  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350028  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350032  

***  

**Alert message:** Atomicorp.com WAF Rules: LFI Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: LFI Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371002  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371003  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371011  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371012  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371019  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371020  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371021  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371028  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371029  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371031  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371039  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371045  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371049  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371050  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371052  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371057  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371060  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371062  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371063  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371067  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371069  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371079  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371083  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371091  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371094  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371103  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371104  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371105  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371109  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371111  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371116  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371117  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371118  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371130  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371131  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371138  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371139  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371145  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371149  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371151  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371157  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371190  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371235  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371236  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371237  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371246  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371247  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371251  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371255  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371256  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371260  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371266  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371267  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371268  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371271  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371277  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371279  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371280  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371283  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371287  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371288  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371289  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371290  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371293  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371300  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371302  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371303  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371304  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371309  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371315  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371317  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371319  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371324  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371326  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371328  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371329  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371334  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371337  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371338  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371340  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371342  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371345  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371347  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371350  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371353  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371354  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371357  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371363  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371364  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371367  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371372  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371376  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371379  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371380  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371382  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371386  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371393  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371394  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371397  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371404  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371415  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371416  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371417  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371419  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371420  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371421  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371422  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371423  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371426  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371427  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371428  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371429  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371442  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371444  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371455  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371456  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371457  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371458  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371482  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371483  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371495  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371497  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371498  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371499  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371500  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371506  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371513  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371533  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371535  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371538  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371546  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371551  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371553  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371557  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371558  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371560  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371574  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371575  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371576  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371579  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371580  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371581  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371591  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371592  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371595  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371596  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371599  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371601  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371608  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371609  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371612  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371615  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371627  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371629  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371641  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371644  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371647  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371652  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371653  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371655  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371656  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371657  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371663  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371672  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371673  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371677  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371681  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371682  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371688  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371695  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371700  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371703  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371705  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371708  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371709  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371714  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371717  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371722  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371728  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371729  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371733  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371734  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371736  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371738  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371747  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371764  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371765  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371767  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371768  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371769  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371770  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371771  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371773  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371775  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371778  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371782  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371783  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371784  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371789  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371790  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371792  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371793  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371796  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371801  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371803  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371808  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371810  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371816  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371817  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371819  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371824  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371825  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371829  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371833  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371835  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371841  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371842  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371847  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371849  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371850  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371851  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371854  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371858  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371863  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371869  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371874  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371875  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371877  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371882  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371883  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371889  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371892  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371893  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371895  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371896  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371897  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371898  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371900  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371901  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371902  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371903  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371904  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371906  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371910  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371912  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371913  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371914  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371919  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371920  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371921  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371922  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371923  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371927  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371928  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371940  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371941  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371942  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371944  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371949  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371950  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371951  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371952  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371954  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371956  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371957  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371962  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371965  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371987  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371989  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371992  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371995  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371996  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371999  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372000  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372001  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372002  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372009  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372010  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372016  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371678  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372027  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372028  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372031  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372032  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372033  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372034  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372036  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372037  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372043  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372048  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372055  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372056  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372060  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372063  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372068  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372073  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372075  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372077  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372078  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372079  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372082  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372089  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372104  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372105  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372109  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372115  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372116  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372117  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372122  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372124  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372126  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372129  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372136  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372139  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372140  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372152  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372160  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372163  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372164  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372167  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372170  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372174  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372180  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372184  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372186  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372188  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372190  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372198  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372201  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372202  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372203  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372204  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372205  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372209  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372210  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372214  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372215  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372216  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372218  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372220  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372221  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372231  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372233  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372234  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372236  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372238  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372248  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372249  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372254  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372256  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372274  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372280  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372294  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372305  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372323  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372325  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372329  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372334  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372336  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372362  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372402  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372403  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372405  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372407  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372412  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372447  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372448  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372465  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372472  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372479  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372453  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372493  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372498  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372501  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372503  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372504  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372506  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372507  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372510  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372511  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372522  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372523  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372530  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372531  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372538  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372539  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372541  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372544  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372546  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372551  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372552  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372555  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372567  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372570  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372576  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372578  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372592  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372596  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372602  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372603  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372605  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372606  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372610  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372613  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372615  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372625  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372627  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372634  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372637  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372639  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372643  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372648  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372649  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372651  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372659  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372664  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372673  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372680  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372688  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372689  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372690  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372691  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372696  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372698  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372699  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372700  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372706  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372708  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372710  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372711  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372716  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372717  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372718  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372720  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372721  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372722  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372725  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372726  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372729  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372737  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372777  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372781  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372782  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372792  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372760  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372770  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372772  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372773  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372799  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372801  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372805  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372817  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372821  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372823  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372827  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372829  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372832  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372833  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372838  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372842  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372843  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371092  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371093  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371154  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371698  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371702  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371740  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371745  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371785  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371805  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371806  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371807  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371823  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371827  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371832  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371834  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371879  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371881  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 321918  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371935  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371991  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 377001  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371001  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371005  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371007  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371015  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371038  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371041  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371042  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371043  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371044  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371055  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371056  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371066  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 2 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371089  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371098  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371107  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371134  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371141  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371142  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371170  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371173  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371188  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371199  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371295  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371339  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371360  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371365  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371366  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371377  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371405  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371408  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371410  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371411  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371418  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371480  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371493  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371507  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371514  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371537  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371572  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371602  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371607  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371622  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371639  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371649  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371676  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371706  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371763  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371772  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371804  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371812  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371813  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371815  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371820  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371822  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371867  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371894  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371909  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371929  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371936  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371945  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371946  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371955  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372006  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372014  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372069  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372074  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372100  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372110  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372125  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372135  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372153  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372158  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372159  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372166  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372185  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372192  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372193  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372230  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372232  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372250  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372322  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372327  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372433  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372585  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372607  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372618  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372745  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372761  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372780  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372853  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350127  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable Oscommerce Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable Oscommerce Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350027  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371022  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371023  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371024  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371030  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371032  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371035  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371061  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371174  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371184  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371187  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371195  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371200  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371201  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371202  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371205  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371206  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371210  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371211  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371231  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371232  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371233  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371234  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371241  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371249  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371250  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371252  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371259  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371261  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371264  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371285  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371291  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371294  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371301  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371306  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371331  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371332  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371341  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371362  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371390  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371398  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371401  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371443  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371448  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371453  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371454  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371470  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371477  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371479  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371481  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371484  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371485  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371486  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371487  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371488  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371489  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371491  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371496  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371502  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371503  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371504  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371508  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371509  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371510  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371511  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371512  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371515  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371518  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371519  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371520  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371523  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371524  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371525  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371527  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371528  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371529  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371530  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371532  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371539  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371540  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371541  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371542  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371543  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371548  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371549  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371550  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371554  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371573  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371585  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371586  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371588  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371589  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371611  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371617  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371618  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371619  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371626  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371640  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371650  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371675  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371680  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371683  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371685  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371686  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371690  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371692  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371696  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371699  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371710  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371712  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371713  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371716  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371719  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371723  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371724  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371725  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371726  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371727  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371730  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371732  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371735  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371737  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371741  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371744  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371746  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371748  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371749  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371750  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371751  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371752  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371753  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371754  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371755  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371756  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371758  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371759  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371762  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371766  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371774  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371777  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371781  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371786  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371787  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371788  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371794  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371795  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371797  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371799  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371800  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371802  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371809  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371814  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371818  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371821  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371826  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371828  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371830  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371831  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371837  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371839  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371843  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371844  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371846  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371848  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371855  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371856  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371859  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371862  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371864  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371866  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371870  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371873  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371876  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371880  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371885  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371886  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371890  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371899  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371905  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371924  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371932  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371933  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371937  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371959  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371963  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371967  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371974  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371984  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371986  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371988  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371990  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371998  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372004  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372015  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372019  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372025  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372026  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372029  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372035  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372038  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372039  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372044  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372045  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372046  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372047  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372049  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372050  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372051  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372052  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372053  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372054  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372058  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372059  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372061  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372062  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372064  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372065  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372066  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372067  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372070  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372071  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372072  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372081  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372083  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372084  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372085  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372086  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372087  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372090  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372092  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372093  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372094  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372097  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372098  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372102  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372103  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372106  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372107  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372108  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372111  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372119  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372120  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372121  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372127  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372128  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372130  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372131  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372133  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372134  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372138  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372141  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372143  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372144  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372145  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372147  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372148  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372149  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372154  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372155  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372156  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372157  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372161  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372162  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372165  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372168  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372171  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372172  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372175  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372177  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372178  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372179  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372187  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372191  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372194  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372195  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372196  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372197  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372200  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372206  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372207  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372208  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372211  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372212  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372213  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372217  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372219  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372226  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372227  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372229  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372235  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372375  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372389  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372444  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372460  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372492  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372526  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372612  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372668  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372860  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350031  

***  

**Alert message:** Atomicorp.com WAF Rules: IRIran eshop builder SQL injection Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: IRIran eshop builder SQL injection Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350025  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350022  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 351100  

***  

**Alert message:** Atomicorp.com WAF Rules: Gravity Board Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Gravity Board Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350001  

***  

**Alert message:** Atomicorp.com WAF Rules: SilverNews Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: SilverNews Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350002  

***  

**Alert message:** Atomicorp.com WAF Rules: PHPBB 2.0 Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: PHPBB 2.0 Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371033  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371064  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371073  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371074  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371078  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371082  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371084  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371085  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371086  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371087  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371088  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371095  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371265  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371494  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371501  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371516  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371547  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371555  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371556  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371563  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371564  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371569  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371570  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371578  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371582  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371634  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371674  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371707  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371720  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371739  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371776  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371779  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371791  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371857  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371865  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371868  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371907  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371908  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371915  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371958  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371985  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371994  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372091  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372228  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372237  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372239  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372242  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372244  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372245  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372247  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372251  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372252  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372253  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372257  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372263  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372269  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372275  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372277  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372278  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372279  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372285  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372286  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372289  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372292  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372293  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372295  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372297  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372298  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372299  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372300  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372301  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372303  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372306  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372307  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372309  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372310  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372312  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372313  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372315  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372317  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372324  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372332  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372333  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372335  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372337  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372338  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372339  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372346  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372347  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372348  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372351  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372352  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372353  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372357  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372359  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372360  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372363  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372366  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372368  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372369  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372370  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372371  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372373  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372380  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372381  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372382  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372383  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372384  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372385  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372387  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372390  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372392  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372394  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372395  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372396  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372399  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372400  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372401  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372404  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372406  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372408  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372409  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372411  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372414  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372416  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372418  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372419  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372421  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372423  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372425  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372427  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372428  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372434  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372435  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372437  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372439  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372440  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372442  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372445  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372451  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372456  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372457  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372458  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372461  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372463  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372464  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372466  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372469  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372470  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372471  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372474  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372475  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372477  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372478  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372480  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372485  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372486  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372489  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372495  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372497  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372502  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372508  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372509  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372512  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372513  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372515  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372516  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372517  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372521  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372524  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372525  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372533  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372535  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372537  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372542  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372545  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372556  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372557  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372558  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372561  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372564  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372568  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372569  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372572  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372579  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372582  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372588  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372590  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372594  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372597  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372604  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372608  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372611  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372614  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372616  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372617  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372620  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372621  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372623  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372624  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372629  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372632  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372636  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372640  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372641  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372646  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372647  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372652  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372655  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372656  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372661  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372663  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372665  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372666  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372667  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372669  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372672  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372675  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372676  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372679  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372682  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372683  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372684  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372687  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372694  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372697  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372701  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372702  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372703  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372705  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372707  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372709  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372713  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372714  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372719  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372727  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372728  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372730  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372733  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372735  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372741  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372742  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372743  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372744  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372748  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372749  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372751  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372752  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372756  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372757  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372759  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372762  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372763  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372769  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372771  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372775  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372776  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372778  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372783  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372784  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372786  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372788  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372791  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372795  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372796  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372798  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372800  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372802  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372803  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372807  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372808  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372809  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372810  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372815  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372816  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372819  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372820  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372822  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372825  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372826  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372828  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372830  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372841  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372845  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372846  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372849  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372852  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372854  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372856  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372857  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372858  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 372861  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371613  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371176  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371177  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371178  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371179  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371181  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371182  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371189  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371198  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371207  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371213  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371214  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371307  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371562  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371204  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371180  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371193  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371209  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371217  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371982  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- lowercase

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371183  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371191  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371215  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371220  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371224  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371218  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371186  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371223  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371185  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371192  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371197  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371203  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371208  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371216  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371219  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371221  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371229  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371230  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371225  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371226  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371227  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371238  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371026  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Google Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Google Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371964  

***  

**Alert message:** Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Search Engine Recon Attempt for sensitive information

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350012  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371977  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371978  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371979  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371980  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 371916  

***  

**Alert message:** Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Vulnerable App Search Engine Recon Attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

# WAF Rule ID 350030  

***  

**Alert message:** Atomicorp.com WAF Rules: Web Shell Search Engine Recon attempt 

**Rule Class:** Generic Attack Ruleset (60_asl_recons.conf)

**Version:** 1 

**Severity:** Critical (HIDS: 9)

**HTTP Protocol Phase:** 2 

**HTTP Status:** 403 

**Action:** deny 

**Transforms:** 

- compressWhitespace

- htmlEntityDecode

- lowercase

- urlDecodeUni

**Log Types:** 

- Basic Information (log)

- Capture full session (auditlog)

**Description:**

 Atomicorp.com WAF Rules: Web Shell Search Engine Recon attempt

**Troubleshooting:**

**False Positives:**

Instructions to report false positives are detailed at [Reporting False Positives](https://wiki.atomicorp.com/wiki/index.php/Reporting_False_Positives)  If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

**Configuration Notes:** 

- enabled by: MODSEC_10_RULES 

- Requires Engine version: 2.9.0 or above

**Tuning guidance Notes:** 

None.

If you know that this behavior is acceptable for your application, you can tune by following the guidance on the Tuning the [Atomicorp WAF Rules](https://wiki.atomicorp.com/wiki/index.php/Mod_security)

**Additional Information:**

**Similar rules:**

None.

**Outside References:**

None.

