Best Security Practice of PASOE REST Service Behind Web Appl

Posted by randyer on 03-Aug-2018 09:47

I have a Kendo UI Builder application that is calling a REST Service through our Progress Application Server.   The KUIB application is deployed in our DMZ and the PASOE REST service is internal.   Our Barracuda Web Application Firewall is blocking our REST service with 'SQL Injection in Parameter'.   What are some Best Practice / Security Tips that we should be aware of or consider? "myValue = 'Hey' "}


Attack:  SQL Injection in Parameter

Detail: type="sql-injection-medium" pattern="sql-quote" token="' or " Parameter="filter" value="{"ablFilter"\:"(myValue = 'Hey' "

Thanks in advance for the feedback.

Thanks, Randy

All Replies

This thread is closed