Skip to content
This repository has been archived by the owner on Apr 24, 2024. It is now read-only.

Unavailability of valid entries for name field in Bot Defense-Anomalies section #38

Open
shubhammishra9 opened this issue Oct 6, 2021 · 3 comments
Open

Unavailability of valid entries for name field in Bot Defense-Anomalies section #38

shubhammishra9 opened this issue Oct 6, 2021 · 3 comments
Labels
bug Something isn't working critical

Comments

@shubhammishra9
Copy link
Collaborator

Observed no UI-validation for valid entries in name field of Bot Defense-Anomalies section. As per document ref. doc there is no list of allowed values for 'name' field but observed below mentioned error while trying random input values:
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: {
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: "completed_successfully" : false,
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: "error_message" : "Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633512140455.json': Could not add the Policy Bot Anomalies 'UNNAMED'. Failed on insert to PLC.PL_BOT_ANOMALIES (DBD::SQLite::db do failed: NOT NULL constraint failed: PL_BOT_ANOMALIES.bot_anomaly_id)",
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: "error_line_number" : 24
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: }
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[2594]: nginx: [error] APP_PROTECT { "event": "configuration_load_failure", "software_version": "3.639.0", "error_message":"Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633512140455.json': Could not add the Policy Bot Anomalies 'UNNAMED'. Failed on insert to PLC.PL_BOT_ANOMALIES (DBD::SQLite::db do faile
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: nginx.service: control process exited, code=exited status=1
Oct 06 09:31:08 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: Failed to start NGINX Plus - high performance web server.

Applied policy:
pol

Ref-Doc:
waf6
@shubhammishra9
Copy link
Collaborator Author

Observed same issue with name field of Bot Defense - Browsers section

browser2

Error Message:

Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: {
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: "completed_successfully" : false,
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: "error_message" : "Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633516938513.json': Could not add the Policy Browser 'Mozilla'. Failed on insert to PLC.PL_BROWSERS (DBD::SQLite::db do failed: FOREIGN KEY constraint failed)",
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: "error_line_number" : 24
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: }
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal nginx[3235]: nginx: [error] APP_PROTECT { "event": "configuration_load_failure", "software_version": "3.639.0", "error_message":"Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633516938513.json': Could not add the Policy Browser 'Mozilla'. Failed on insert to PLC.PL_BROWSERS (DBD::SQLite::db do failed: FOREIGN KEY constraint failed)","completed_successfully":false,"error_line_number":24}
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: nginx.service: control process exited, code=exited status=1
Oct 06 10:44:00 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: Failed to start NGINX Plus - high performance web server.

@shubhammishra9
Copy link
Collaborator Author

shubhammishra9 commented Oct 6, 2021
edited
Loading

Observed same issue with name field of Bot Defense - Signatures section

Ref. Doc
doc

Applied policy:
mypol

Error Message:

Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: {
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: "completed_successfully" : false,
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: "error_message" : "Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633516938513.json': Could not add the Policy Bot Signature 'UNNAMED'. Failed on insert to PLC.PL_BOT_SIGNATURES (DBD::SQLite::db do failed: NOT NULL constraint failed: PL_BOT_SIGNATURES.bot_signature_id)",
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: "error_line_number" : 24
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: }
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal nginx[3656]: nginx: [error] APP_PROTECT { "event": "configuration_load_failure", "software_version": "3.639.0", "error_message":"Failed to import Policy 'myPolicy' from '/etc/app_protect/conf/waf-1633516938513.json': Could not add the Policy Bot Signature 'UNNAMED'. Failed on insert to PLC.PL_BOT_SIGNATURES (DBD::SQLite::db do fail
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: nginx.service: control process exited, code=exited status=1
Oct 06 11:37:08 ip-172-31-28-230.ap-south-1.compute.internal systemd[1]: Failed to start NGINX Plus - high performance web server.

@shubhammishra9 shubhammishra9 added the bug Something isn't working label Oct 13, 2021
@shubhammishra9
Copy link
Collaborator Author

shubhammishra9 commented Oct 20, 2021
edited
Loading

@yoctoserge, Below are observations after referring config doc.

my2

  1. "None" and "SEARCH_ENGINE_VERIFICATION_FAILED" found to be invalid anomaly names
  2. For browsers section user-defined browser names found to be invalid
    my3
  3. For signatures section "python-requests" is the only valid name found
    my4

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working critical
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shubhammishra9