Skip to content
Threat Feed

Product

Internet Information Services

4 briefs RSS
medium advisory

Web Server Potential Remote File Inclusion Activity

This rule detects potential Remote File Inclusion (RFI) activity on web servers by identifying HTTP GET requests that attempt to access sensitive remote files through directory traversal techniques or known file paths, potentially leading to information disclosure or further compromise.

Nginx +4 rfi webserver vulnerability
2r 2t
low advisory

Web Server Remote File Inclusion Activity Detected

This rule detects potential Remote File Inclusion (RFI) activity on web servers by identifying HTTP GET requests that attempt to access sensitive remote files through directory traversal techniques or known file paths to read sensitive files, gain system information, or further compromise the server.

Nginx +4 remote-file-inclusion web-server discovery
2r 1t
low advisory

Web Server Discovery or Fuzzing Activity Detected

Detection of web server discovery or fuzzing activity indicated by a high volume of HTTP GET requests resulting in 404 or 403 status codes originating from a single source IP address within a short timeframe, suggesting attempts to discover hidden resources.

Nginx +4 web-server fuzzing reconnaissance web-application
2r 2t
low advisory

Web Server Discovery or Fuzzing Activity

Detection of potential web server discovery or fuzzing activity characterized by a high volume of HTTP GET requests resulting in 404 or 403 status codes originating from a single source IP address within a short timeframe, indicating attackers are probing for hidden resources.

Nginx +4 reconnaissance web-server fuzzing
2r 2t