Merge pull request #12022 from serdarbsgn/fix/huawei-waf-detection

ritikchaddha · web-flow · commit 7d67ee743e43 · 2025-05-01T12:40:46.000+05:30
Fix Huawei WAF detection rule: server header returns elb in most cases
diff --git a/http/technologies/waf-detect.yaml b/http/technologies/waf-detect.yaml
@@ -743,9 +743,9 @@ http:
         name: huaweicloud
         condition: and
         regex:
-          - '(?)content="CloudWAF"'
-          - 'Server: CloudWAF'
+          - '(?i)content="CloudWAF"'
           - 'Set-Cookie: HWWAFSESID='
+          - 'Set-Cookie: HWWAFSESTIME='
 
       - type: word
         name: safe3webfirewall
@@ -801,4 +801,4 @@ http:
         part: header
         words:
           - "X-Protected-By: shieldon.io"
-# digest: 490a00463044022039bf0948c5b4367c6955e389fa039464d3d988e34124e676c1301afd85bd2078022040b67db73df9498cd3e7158ab9ca342099d085958cd8468e8124241d7fc84019:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022039bf0948c5b4367c6955e389fa039464d3d988e34124e676c1301afd85bd2078022040b67db73df9498cd3e7158ab9ca342099d085958cd8468e8124241d7fc84019:922c64590222798bb761d5b6d8e72950
