SQL Injection Prevention

Prophaze WAF deployed wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage. The most common sql injection methods blocked are.

SQL comment sequence

SQL hex sequence

SQL String Termination

SQL Operators Blocking

Blocks SQL Tautologies

Blocks Common Database Names

Blind SQL injection Blocking

Injection Character anomaly blocking

Injection Payload Blocking

MSSQL specific signatures

SQL Integer overflow

SQL sleep command exploit

Prevents conditional SQL injection

MySQL character switch injection

SQL Authentication Bypass

pg_sleep injection

Chained SQL Injection

Stored procedure Injection

UDF Injection using data structure manipulation

Concatenated SQL Injection


Session Fixation


Layer 7 Dos Attack Prevention