Thank you for getting back and I was able to view the txt file.
Based on the logs from the txt file the request is getting blocked due to the content present in JSON field values.uwReactie
which triggered multiple rules (Rule 942410 & 99031001 detected SQL injection attack and Rule 941310 detected a Malformed Encoding XSS Filter)
This is how the rules are set-up in OWASP (example of 942410)
Getting false positive is pretty common when you enable Web Application Firewall and this is the approach recommended to prevent any legitimate traffic from being blocked.
The best approach here will be to apply an exclusion rule so that the content of the JSON field values.uwReactie
is not evaluated by the WAF.
You can refer this example on how you can apply exclusion for JSON request bodies.
Create an exclusion with a match variable of Request body JSON args name
, an operator of Contains
, and a selector of values.uwReactie
.
You can refer to my answer here on implementing this exclusion
Hope this helps! Please let me know if you have any additional questions. Thanks!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.