WAF blacklist rules - an idea to follow?

Posted on August 15, 2009 by Marcus.

The TYPO3 Security Team currently asks for your opinion on providing WAF blacklist rules that address vulnerabilities in TYPO3 Core and TYPO3 third-party extension.

If you are a TYPO3 agency or a TYPO3 hoster, this might be an instant help to protect against newly published vulnerabilities.

An use case would be the immediate installation of such rules when a new TYPO3 bulletin has been published. You then would be protected against upcoming exploits in no time. Afterwards, you have plenty of time to upgrade e.g. a vulnerable extension version in each of your TYPO3 installations.

So please help the TYPO3 Security Team and decide if it's worth to put further efforts into it. Participate in this kind of survey!

Permalink | Trackback link
Tags:  TYPO3 Security Blog
Views: 0
  •  
  • 0 Comment(s)
  •  

Your comment

back

Categories

  • advisory(7)
  • book(1)
  • [-]database(1)
  • exploit(1)
  • hacks(2)
  • others(6)
  • PHP(1)
  • TYPO3(22)

Tag cloud