adel-qusay / adel-waf Goto Github PK

'AdelWAF',

where put this? before or after?

hello there mate !
i would like to inform you that your waf is still can be bypassed easily for example this:

id=system ('ls')

try "regular expression" approach, it's more useful !

I tried to start an sql injection and it didn't work
Also this is the one on bac site

Hi There,

I want to try ADEL-WAF

any config option for Nginx server as I am unable to edit php.ini

Thank you

Hi,

Thanks for sharing this project, it is very light yet very useful.

But I found the error when submitting multiple POST fields/forms.

[STDERR] PHP Fatal error: Uncaught TypeError: strtolower(): Argument #1 ($string) must be of type string, array given in /usr/local/src/AdelWAF.php:140

It comes from this following line :
$value = html_entity_decode(str_replace(" ", "", strtolower($value)));

does it already handle the arrays ?Please advise.

Thank you

As we know to set up a better secured password for user accounts, the user should use capital letters, numbers, special characters ... etc,
but when a user try to include a special character in his own password like (*, %) then he tryna log in, the firewell considers it as sql injection and refuse giving him access to his account.

Thank you for building this project.

What does the function $AdelWAF->isDA(); do?