Historical

Rule ID	Description	Announcement Date	Change Date	Old WAF Action	New WAF action
9002140	OWASP WordPress improvement	2019-09-23	2019-09-23	Scoring based	Scoring based
9002140_JSON	OWASP WordPress improvement	2019-09-23	2019-09-23	Scoring based	Scoring based
9002141	OWASP WordPress improvement	2019-09-23	2019-09-23	Scoring based	Scoring based
9002141_JSON	OWASP WordPress improvement	2019-09-23	2019-09-23	Scoring based	Scoring based
100008E	SQLi improvement	2019-09-23	2019-09-30	Block	Block
100162	SQLi improvement on 'SELECT FROM TABLE' statements	2019-09-16	2019-09-23	N/A	Block
9002140	Small improvement to Gutenberg exception rules	2019-09-02	2019-09-09	N/A	Scoring based
9002140_JSON	Small improvement to Gutenberg exception rules	2019-09-02	2019-09-09	N/A	Scoring based
9002141	Small improvement to Gutenberg exception rules	2019-09-02	2019-09-09	N/A	Scoring based
9002141_JSON	Small improvement to Gutenberg exception rules	2019-09-02	2019-09-09	N/A	Scoring based
100160	JBoss protection improvement	2019-09-09	2019-09-16	N/A	Block
URI-973326	Small improvement in OWASP rule	2019-08-09	2019-09-09	Scoring based	Scoring based
973326	Small improvement in OWASP rule	2019-08-09	2019-09-09	Scoring based	Scoring based
URI-950901	Remove OWASP rule	2019-07-29	2019-09-02	Scoring based	N/A
959151	Small improvement in OWASP rule	2019-07-29	2019-09-02	Block	Block
950901	Remove OWASP rule	2019-07-29	2019-09-02	Scoring based	N/A
100158	SQL Injection - Obfuscated SELECT expressions	2019-06-17	2019-09-09	Log	Block
9002140	Reducing WAF false positives for the Gutenberg WordPress editor	2019-07-22	2019-07-24	N/A	Scoring based
9002140_JSON	Reducing WAF false positives for the Gutenberg WordPress editor	2019-07-22	2019-07-24	N/A	Scoring based
9002141	Reducing WAF false positives for the Gutenberg WordPress editor	2019-07-22	2019-07-24	N/A	Scoring based
9002141_JSON	Reducing WAF false positives for the Gutenberg WordPress editor	2019-07-22	2019-07-24	N/A	Scoring based
D0003B	Disable rule by default	2019-07-22	2019-07-29	Block	Disable
100005A	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100007N	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100009DBETA	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100009I	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100009L	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100010B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100021CD	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100030_BETA	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100030ARGS_LOOSE	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100035B2	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100035D	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100042	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100056_BETA	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100057	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100059	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100061	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100062	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100062_BETA	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100064	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100066	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100067	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100068	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100075	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100077	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100078B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100083	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100084	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100085	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100086	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100088C	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100093	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100096BEVIL	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100096BHTML	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100096EVIL	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100096HTML	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100098	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100105	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100106B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100107ARGS	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100108	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100108ARGS	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100109	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100109B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100111	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100115	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100119	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100122	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100123B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100126	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100131	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100133	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100135B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100137	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100139A	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100140	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100146	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100146B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100149	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100158	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
CFMISC0004	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
CFMISC0004B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
CFMISC0016B	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
D0005	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
D0016	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
PHP100008	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
PHP100009	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
PHP100010	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
PHP100011ARGS	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
PHP100011COOKIE	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
WP0012	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
WP0025C	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
WP0028	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
WP0030	Disable rule by default	2019-07-22	2019-07-29	Log	Disable
100136A	Improve XSS Javascript URI detection and reduce false positives	2019-07-01	2019-07-29	Block	Block
100136B	Improve XSS Javascript URI detection and reduce false positives	2019-07-01	2019-07-29	Block	Block
100136C	Improve XSS Javascript URI detection and reduce false positives	2019-07-01	2019-07-29	Block	Block
100135A	Improve XSS Javascript Events detection and reduce false positives	2019-07-01	2019-07-29	Block	Block
100135B	Improve XSS Javascript Events detection and reduce false positives	2019-07-01	2019-07-29	Log	Block
100135C	Improve XSS Javascript Events detection and reduce false positives	2019-07-01	2019-07-29	Block	Block
100030	Improve XSS HTML Script Tag detection	2019-07-01	2019-07-22	Block	Block
100153	Block Oracle WebLogic - Command Injection - CVE-2019-2729	2019-06-27	2019-06-27	Block	Block
9002140A	Improve 9002140A	2019-06-19	2019-06-19	Scoring based	Scoring based
9002140B	Improve 9002140B	2019-06-19	2019-06-19	Scoring based	Scoring based
9002140A	Improve 9002140A	2019-06-17	2019-06-17	Scoring based	Scoring based
9002140A	Improve 9002140B	2019-06-17	2019-06-17	Scoring based	Scoring based
9002140B_BETA	Improve 9002140B	2019-06-10	2019-06-10	Scoring based	Scoring based
WP0033	Easy WP SMTP - Deserialization	2019-06-10	2019-06-17	Log	Block
100156	XSS, HTML Injection - Malicious HTML Encoding	2019-06-10	2019-06-17	Log	Block
100005	Improved shell variable normalization	2019-06-03	2019-06-10	Block	Block
100007NS	Improved shell variable normalization	2019-06-03	2019-06-10	Block	Block
100096BHTML	XSS, HTML Injection - Body	2019-06-03	2019-06-03	N/A	Log
100096BEVIL	XSS, HTML Injection - Body	2019-06-03	2019-06-03	N/A	Log
100155	PHPCMS - Dangerous File Upload - CVE-2018-14399	2019-06-03	2019-06-10	Log	Block
9002140A	New OWASP rules to allow requests from the WordPress's Gutenberg editor	2019-05-28	2019-06-03	N/A	Scoring based
9002140B	New OWASP rules to allow requests from the WordPress's Gutenberg editor	2019-05-28	2019-06-03	N/A	Scoring based
All	Improve Rule Descriptions	2019-05-20	2019-05-28	N/A	N/A
100157	Microsoft SharePoint Deserialization - CVE-2019-0604 (Strict)	2019-05-20	2019-05-28	Block	Block
100053	Potential FI or Alias/Rewrite Bypass - Double Slash in URL	2019-05-13	2019-05-20	Disable	Disable
100157	Microsoft SharePoint Deserialization - CVE-2019-0604	2019-05-13	2019-05-13	N/A	Block
100122ARGS	Dangerous stream wrappers	2019-05-13	2019-05-20	Block	Deprecated
100122ARGS_GET	Dangerous stream wrappers	2019-05-13	2019-05-20	Block	Deprecated
100122	Dangerous stream wrappers	2019-05-13	2019-05-20	Log	Block
100154	WordPress Social Warfare RCE/XSS (CVE-2019-9978)	2019-05-07	2019-05-13	Log	Block
9002140	Reduce OWASP false positives	2019-05-07	2019-05-13	Log	Allow
100008	Improve SQLi detection	2019-05-07	2019-05-13	Block	Block
100135A	Improve XSS detection and reduce false positives	2019-04-29	2019-05-07	Block	Block
100135B	Improve XSS detection and reduce false positives	2019-04-29	2019-05-07	Log	Block
100135C	Improve XSS detection and reduce false positives	2019-04-29	2019-05-07	Block	Block
100136A	Improve XSS detection and reduce false positives	2019-04-29	2019-05-07	Block	Block
100136B	Improve XSS detection and reduce false positives	2019-04-29	2019-05-07	Block	Block
100153	Block Oracle WebLogic CVE-2019-2725, CVE-2017-10271, CVE-2017-3506	2019-04-29	2019-05-07	N/A	Block
100148	Improve inline XSS detection	2019-04-29	2019-05-07	Log	Block
100105HEADERS	PHP serialization in headers, excluding Cookies	2019-04-29	2019-05-07	N/A	Block
100146C	Potential SSRF attack	2019-04-29	2019-05-07	Log	Block
100106	PostgreSQL COPY Injection	2019-04-29	2019-05-07	Block	Block
100139A	HTML Injection, XSS or Code Injection via data URI	2019-04-29	2019-05-07	N/A	Log
100139B	HTML Injection, XSS or Code Injection via data URI	2019-04-29	2019-05-07	N/A	Block
100139C	HTML Injection, XSS or Code Injection via data URI	2019-04-29	2019-05-07	N/A	Block
100105REFERER	PHP serialization in Referer header	2019-04-22	2019-04-29	N/A	Block
100152	Joomla CVE-2019-10945	2019-04-22	2019-04-29	N/A	Block
100144	NoSQL Injection attack (Expression vector)	2019-04-22	2019-04-29	Log	Block
100143	NoSQL Injection attack (comparison vector)	2019-04-22	2019-04-29	Log	Block
100135A	Improve XSS detection	2019-04-15	2019-04-22	Block	Block
100135B	Improve XSS detection	2019-04-15	2019-04-22	Block	Block
100136A	Improve XSS detection	2019-04-15	2019-04-22	Block	Block
100136B	Improve XSS detection	2019-04-15	2019-04-22	Block	Block
100097G	Improve SQLi blocking	2019-04-15	2019-04-22	Log	Block
WP0034	WordPress zero day XSS	2019-04-15	2019-04-22	N/A	Block
100010A	Improve SQLi detection	2019-04-15	2019-04-22	Block	Block
PHP100013	Blocks PHP CGI attack by default	2019-04-15	2019-04-22	Log	Block
100150	Block CVE-2019-10842	2019-04-15	2019-04-22	N/A	Block
100148	Improve XSS inline detection	2019-04-15	2019-04-29	Log	Block
100142	NoSQL Injection attack (array vector)	2019-04-08	2019-04-15	Log	Block
100135A	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100135B	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100135C	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100030SVG	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021C	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021CE	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021CB	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021CD	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021CD2	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
100021CD3	Improve XSS event detection	2019-04-01	2019-04-08	N/A	N/A
D0020BETA	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Block
D0017	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Block
D0017	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
D0018	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
D0019	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
D0021	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
100127	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
100128	Improve blocking of SA-CORE-2019-003	2019-04-01	2019-04-08	Log	Deleted
100136A	Improve XSS detection using javascript events	2019-03-25	2019-04-01	N/A	Block
100136B	Improve XSS detection using javascript events	2019-03-25	2019-04-01	N/A	Block
100136C	Improve XSS detection using javascript events	2019-03-25	2019-04-01	N/A	Block
100135A	Improve XSS detection using javascript URI	2019-03-25	2019-04-08	N/A	Block
100135B	Improve XSS detection using javascript URI	2019-03-25	2019-04-08	N/A	Log
100135C	Improve XSS detection using javascript URI	2019-03-25	2019-04-08	N/A	Block
100120BETA2	Reduce 100120's false positives	2019-03-25	2019-04-01	Log	Block
100123A	Improve invalid UTF-8 detection	2019-03-25	2019-04-08	N/A	Block
100123B	Improve invalid UTF-8 detection	2019-03-25	2019-04-08	N/A	Log
WP0032BETA	Reduce false positives for WP0032	2019-03-25	2019-04-01	Log	Block
100122ARGS	Block use of stream wrappers in all arguments	2019-03-25	2019-04-01	Log	Block
100132	Protection for Apache Tika Command Injection CVE-2018-1335	2019-03-25	2019-04-01	Log	Block
PHP100006	Improve PHP webshell attempt detection.	2019-03-25	2019-04-01	Log	Block
100005	Merge LFI 100005_BETA into 100005. Mitigates CVE-2018-9126, CVE-2011-1892.	2019-03-25	2019-04-01	Block	Block
100005U	Superseded by 100005	2019-03-25	2019-04-01	Block	Block
100005UR	Superseded by 100005	2019-03-25	2019-04-01	Block	Block
100134	Ruby on Rails File Disclosure CVE-2019-5418	2019-03-25	2019-04-01	Log	Block
100120BETA	Improve 100120's coverage of SQLi	2019-03-18	2019-03-25	Log	Block
100130	Executable file upload attempt	2019-03-18	2019-04-08	Log	Block
100130B	Executable file with fake extension upload attempt	2019-03-18	2019-03-25	Log	Block
100021CB	Improves XSS event detection using alternate syntax \`, brackets, and parenthesis.	2019-03-11	2019-03-18	Log	Block
100021A	Improve XSS detection in Referer Header	2019-03-11	2019-03-18	Challenge	Block
100030SVG	Improve XSS event detection	2019-03-11	2019-03-18	Challenge	Block
100021C	Improve XSS event detection	2019-03-11	2019-03-18	Block	Block
100021CE	Improve XSS event detection	2019-03-11	2019-03-18	Block	Block
100021CB	Improve XSS event detection	2019-03-11	2019-03-18	Block	Block
100122ARGS_GET	Block use of stream wrappers in GET arguments (RFI/RCE)	2019-03-11	2019-03-18	Log	Block
100125	Block AngularJS Sandbox attacks	2019-03-11	2019-03-18	Log	Block
100021D	Improve XSS detection	2019-03-11	2019-03-18	Challenge	Block
WP0031	WordPress RCE - CVE-2019-8942, CVE-2019-8943	2019-03-04	2019-03-11	N/A	Block
100021CB	Improve XSS event detection	2019-03-04	2019-03-11	Challenge	Block
100021C	Improve XSS event detection	2019-03-04	2019-03-11	Block	Block
100008E	Improve SQLi probing	2019-02-25	2019-03-04	Block	Block
100123	UTF-8 Invalid Characters detection (URL)	2019-02-18	2019-03-04	Log	Block
100124A	UTF-8 Invalid Characters detection	2019-02-11	2019-02-11	N/A	Disable
100124B	UTF-8 Invalid Characters detection	2019-02-11	2019-02-11	N/A	Disable
100008E	Improve SQLi probe detection	2019-02-11	2019-02-18	N/A	Block
100063_BETA	Reduce false positives for 100063	2019-02-11	2019-02-18	Log	Block
100008	Moved rule out of BETA	2019-02-08	2019-02-08	Block	Block
100021H	Improve XSS	2019-02-11	2019-02-18	Log	Block
100021G	Delete XSS rule	2019-02-11	2019-02-18	Block	Deleted
100011	Block requests with null bytes	2019-02-04	2019-02-04	N/A	Disable
100020	Blocked SQLi with mysql comments	2019-01-28	2019-02-04	Log	Block
100120B	Blocked SQLi with mysql comments	2019-01-28	2019-02-04	Log	Block
100120C	Blocked SQLi with mysql comments	2019-01-28	2019-02-04	N/A	Disable
100054	Block CVE-2017-5638 RCE attempts	2019-01-28	2019-02-04	Log	Block
100009C	Reduce 100009C false positives	2019-01-21	2019-01-28	Block	Block
100007	Improved RCE detection	2019-01-21	2019-01-28	Block	Block
PHP100012	Detect CVE-2017-9841	2019-01-21	2019-01-28	N/A	Block
100112B	Block requests with duplicated User-Agent headers	2019-01-21	2019-01-21	N/A	Disable
D0015	Emergency release for Drupal SA-CORE-2019-002 vulnerability	2019-01-17	2019-01-17	N/A	Block
D0016	Emergency release for Drupal SA-CORE-2019-002 vulnerability	2019-01-17	2019-01-17	N/A	Log
100009J	Reduce 100009J false positives	2019-01-14	2019-01-21	Block	Block
100114	Improved XSS probing detection	2019-01-14	2019-01-21	Log	Block
100005	Improved LFI detection	2019-01-14	2019-01-21	Log	Block
PHP100011	Improved PHP code injection detection in URI and headers	2019-01-07	2019-01-14	Log	Block
100121ARGS_GET	Use of multiple percent-encoding level in URI arguments	2019-01-07	2019-01-07	N/A	Disable
100121URI	Use of multiple percent-encoding level in URI	2019-01-07	2019-01-07	N/A	Disable
100021CD3	XSS reflection with javascript events	2019-01-02	2019-01-02	N/A	Disable
100068B	Improve SQLi detection	2018-12-17	2019-01-02	Log	Block
100021_BETA	Improve XXS detection	2018-12-17	2019-01-02	Log	Challenge
100016_BETA	Improved sensitive directories access	2018-12-06	2018-12-11	Log	Block
100035U_BETA	Improved Baidu bot detection	2018-11-26	2018-12-06	Log	Block
100026_BETA	Improved PHP injection detection	2018-11-26	2018-12-06	Log	Block
100118	Improved SQLi detection	2018-11-12	2018-11-19	Log	Block
100008_BETA	Improved SQLi detection	2018-11-05	2018-11-12	Log	Block
100116	For CVE-2018-9206, vulnerable jQuery File Uploader	2018-11-05	2018-11-19	Log	Block
100117	For CVE-2018-9206, vulnerable jQuery File Uploader	2018-11-05	2018-11-19	Log	Block
100114	XSS probing detection	2018-10-29	2018-11-12	Log	Block
100097	libinjection based SQLi detection rule.	2018-10-22	2018-10-29	N/A	Disable
100097F	libinjection based SQLi detection rule.	2018-10-22	2018-10-29	Log	Block
100112	Block requests with duplicated headers	2018-10-15	2018-10-15	N/A	Disable
100070	Block requests with invalid x-forwarded-for headers	2018-10-15	2018-10-22	Log	Block
100107	Improved XSS Probing detection	2018-10-15	2018-10-22	Log	Block
100111	Detect large numbers of GET parameters in requests	2018-10-15	2018-10-22	Log	Block
100109	Detect large numbers of GET parameters in requests	2018-10-15	2018-10-22	Log	Block
100109B	Detect large numbers of GET parameters in requests	2018-10-15	2018-10-22	Log	Log
100110	Detect large numbers of GET parameters in requests	2018-10-15	2018-10-22	Disable	Disable
WP0020	WP allowlist	2018-10-01	2018-10-08	Allow	Allow
WP0004	WP allowlist	2018-10-01	2018-10-08	Allow	Allow
100088B_BETA	Improved XXE detection	2018-09-24	2018-10-08	Log	Block
100030	Improved XSS Probing detection	2018-09-24	2018-10-08	Challenge	Block
100021B	Improved XSS Probing detection	2018-09-24	2018-10-08	Block	Block
100030_BETA	Improved XSS Probing detection	2018-09-24	2018-10-08	Log	Block
100008CW_BETA	Improved SQLi sleep probing	2018-09-24	2018-10-01	Log	Block
100106	Improved SQLi detection	2018-09-24	2018-10-01	Log	Block
100009J_BETA	Improved SQLi detection	2018-09-24	2018-10-01	Log	Block
100009CB	Improved SQLi detection	2018-09-17	2018-09-24	Log	Block
100102	Rules to stop file read and deletion vulnerabilities in GhostScript	2018-09-17	2018-09-24	Log	Block
100103	Rules to stop file read and deletion vulnerabilities in GhostScript	2018-09-17	2018-09-24	Log	Block
100101	Emergency release for vulnerability in Ghostscript	N/A	2018-09-12	N/A	Block
950907	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
950008	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
950010	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
950011	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
960008	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
960015	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
960009	Additional OWASP rules can be disabled in UI	2018-09-17	2018-09-24	N/A	N/A
100009C_BETA	Improved SQLi detection	2018-09-10	2018-09-17	Log	Deleted
100021CE	Improved XSS Detection	2018-09-03	2018-09-10	Block	Block
100088B	Improved XXE Detection	2018-09-03	2018-09-10	Log	Block
100091B	Improved XSS Detection	2018-09-03	2018-09-10	N/A	Block
PLONE0002	Update rule regex	2018-08-20	2018-08-28	Block	Block
100021CE_BETA	Improved XSS Detection	2018-08-20	2018-08-28	Log	Block
100030SVG_BETA	Improved XSS Detection	2018-08-20	2018-08-28	Log	Block
100090	Improved XSS Detection	2018-08-20	2018-08-28	Log	Block
100091	Improved XSS Detection	2018-08-20	2018-08-28	Log	Block
100092	Improved XSS Detection	2018-08-20	2018-08-28	Log	Block
100093	Improved XSS Detection	2018-08-20	2018-08-28	Log	Log
100063	Reduction in false positives	2018-08-13	2018-08-13	Block	Block
100035C	Improved detection of fake google bots.	Emergency release 2018-08-10	2018-08-10	N/A	Block
100095	Rules to block cache poisoning attacks	Emergency release 2018-08-13	2018-08-10	N/A	Block
100095B	Rules to block cache poisoning attacks	Emergency release 2018-08-13	2018-08-10	N/A	Block
WP0003	Disable login	2018-08-13	2018-08-10	Allow	Allow
WP0025B	Reducing the false positives WP0025B caused in the Gutenberg WordPress editor.	2018-08-06	2018-08-08	Block	Block
WP0025D	Reducing the false positives WP0025B caused in the Gutenberg WordPress editor.	2018-08-06	2018-08-08	Block	Block
D0006	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Block
D0007	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Block
D0008	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Disable
D0009	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Disable
D0010	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Disable
D0011	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Disable
D0012	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Disable
D0013	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Block
D0014	These attempt to address SA-CORE-2018-005 by matching certain headers.	Emergency release, 2019-08-03	2019-08-03	N/A	Block
100038	Blocks requests to /server_status, which g ives away information on how a server works.	2018-08-30	2018-08-06	Log	Block
100089	Improved SQLi detection	2018-07-16	2018-07-30	Log	Block