|
| IncludeBlockFilter |
Blocks requests that target paths that should be included (such as views, layouts, include) |
| IPWhiteListFilter |
Only allows IP Addresses that are the List |
| IDValidationFilter |
This filter validates that all input variables ending in ID are either integers, UUIDs, or simple string values |
| XMLExternalDTDFilter |
Looks for XML External DTD in Requests. |
| ContentLengthFilter |
Inspects the HTTP Content Length Header |
| JVMFloatingPointFilter |
This filter validates that input variables do not contain a value that can crash old JVMs (1.6.0_24 or lower). |
| CRLFInjectionFilter |
Looks for CRLF Injection in the HTTP Headers |
| CrossSiteScriptingFilter |
Looks for XSS in the HTTP Request |
| ForeignPostFilter |
Detects HTTP Post Requests with referrers other than the origin |
| HoneyPotFilter |
Blocks IPs based on the Project Honey Pot http:BL Blacklist |
| SessionHijackingFilter |
Detects if a Session Changes User Agent |
| IPBlackListFilter |
Only allows IP Addresses that are the List |
| Log4ShellFilter |
Looks for Log4Shell exploit patterns in the request. |
| DictionaryAttackFilter |
Detects Repeated Requests Containing Passwords |
| SQLInjectionFilter |
Looks for SQL Injection in the HTTP Request |
| URLSessionIDFilter |
Looks for Session ID in the URL (eg CFID, CFTOKEN, or JSESSIONID) |
| ShellExecutionFilter |
Looks for shell path execution patterns |
| XMLEntityInjectionFilter |
Looks for XML Entity Tags in Request. |
| LocalHostFilter |
Checks if request is from localhost |
| ScopeInjectionFilter |
This filter validates that input variables names dont use scopename. |
| NullByteFilter |
Checks if request is from localhost |
| FilterUtils |
Utility Functions For Filters |
| QueryStringLengthFilter |
Allows you to limit the length of query string |
| RepeatOffenderFilter |
Detects IP's that have been blocked multiple times, and allows you to block all subsequent requests |
| BaseFilter |
The Base Component all Filters must extend. |
| FileUploadFilter |
Checks the File Extensions of Uploaded file and matches them against a whitelist or blacklist. |
| FileUploadContentFilter |
Checks the File Content of Uploaded file and looks for executable content. |
| RemoteMethodFilter |
Looks for remote method requests |
| VariablePatternFilter |
Blocks Variables that match or do not match the specified pattern |
| RemoteExecutionFilter |
Looks for remote execution patterns |
| DotDotSlashFilter |
Looks for ../ in Request |
| SimpleIPBlockingFilter |
Allows you to block IP's |
| GeoFilter |
Allows you to block IPs by Geography. |
| UserAgentFilter |
Looks for Bad / Malicious User Agents |
