Hi Arularasan,
Thanks for your post. I hope you are doing good.
If you believe that this is a False Positive, you can do the following things to avoid it in the future:
1) You can override the default rate for Slow HTTP protection or disable it entirely (not recommended). Please find more information about overriding the default rate here: https://docs.imperva.com/bundle/cloud-application-security/page/settings/ddos-settings.htm
2) You can add an exception (add entry to the allowlist) for DDoS protection. The exception can be based on URL, Client app ID, IP, or source country. Exceptions can be defined under a specific website configuration -> Website Settings -> WAF -> Add Allowlist. You can find more under the same url as in the previous point.
3) You can also raise a case and our support team can investigate if there are any other potential issues.
I hope it helps.
------------------------------
Bartosz Chmielewski
SE
Imperva
------------------------------
Original Message:
Sent: 12-15-2023 07:37
From: Arularasan M
Subject: One of site is blocking the file upload - slow http - DDOS
| | https://xxxxxxxxxxxxxxxxx.com/servlet/hype/IMT?userAction=XXXXXXXXXXXXX | POST | Blocked |
Request Details1228001280178141912-370778427890606093 Client disconnected while receiving response ?userAction=XXXXXXXXXXXXX Post Data documentId=ffd0bfadd012d0d420d283f9bb2767be&roleId=7e20f1b4-0e73-40ce-9fd6-12859fcab5c3&filename=TRIVIA1000.mp4 https://xxxxxxxxxxxxxxxxxxx.com/servlet/hype/IMT?userAction=XXXXXX&doc |
How I can allow this in IMPERVA WAF
#AllImperva
#DDoSProtectionforWebsites
------------------------------
Arularasan M
Network Security
Mattel, Inc.
El Segundo CA
------------------------------