Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit
What's this blog post about?
On March 29, 2018, Drupal announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). In response, Cloudflare has released a rule to block requests matching these exploit conditions for their Web Application Firewall (WAF). The rule can be found in the Cloudflare ruleset under the Drupal category with the rule ID of D0003. The official Drupal Advisory is available at https://www.drupal.org/sa-core-2018-002.
Company
Cloudflare
Date published
March 29, 2018
Author(s)
Pasha Kravtsov
Word count
68
Language
English
Hacker News points
None found.