Enabling or Disabling SQL Injection Detection

SQL injection detection is enabled by default. You can disable or enable the detection rules.

Important

One piece of audited data can match only one SQL injection detection rule.

Prerequisites

  • You have applied for a database audit instance and the Status is Running.

  • You can enable SQL injection detection when the status is Disabled.

  • You can disable SQL injection detection when the status is Enabled.

Disabling SQL Injection Detection

SQL injection detection is enabled by default. You can disable the detection rules as required. When an SQL injection detection rule is disabled, the audit rule does not take effect.

  1. Log in to the management console.

  2. Select a region, click image1, and choose Security > Database Security Service. The Dashboard page is displayed.

  3. In the navigation tree, choose Rules.

  4. In the Instance drop-down list, select the instance for which you want to disable SQL injection detection.

  5. Click the SQL Injection tab.

    Note

    Only user-defined rules can be edited and deleted. Default rules can only be enabled and disabled.

  6. Locate the SQL injection rule you want to disable, and click Disable in the Operation column.

    **Figure 1** Disabling an SQL injection detection rule

    Figure 1 Disabling an SQL injection detection rule

    When the status of an SQL injection detection rule is Disabled, SQL injection detection is disabled successfully.

  7. In the Operation column of a rule, click Edit. Configure parameters and click OK.

    **Figure 2** Editing an SQL injection rule

    Figure 2 Editing an SQL injection rule

    Table 1 SQL injection rule parameters

    Parameter

    Description

    Example Value

    Name

    Name of an SQL rule.

    Postal Code SQL injection Rule

    Risk Level

    Level of risks matching a SQL rule. Its value can be:

    • High

    • Moderate

    • Low

    • No risk

    Moderate

    Status

    Enables or disables an SQL injection rule.

    • image2: enabled

    • image3: disabled

    image4

    Test Regular Expression

    Regular expression that checks for content in certain pattern.

    ^\d{6}$

    Data

    Content that matches the regular expression.

    Enter content and click Test to verify that the regular expression works properly.

    628307

    Result

    Test result. It can be:

    • Hit

    • Miss

      Note

      If the test result is Hit, the regular expression is correct.

      If the test result is Miss, the regular expression is incorrect.

    Hit

  8. In the Operation column, click Delete.

Follow-Up Procedure

To restart an SQL injection detection rule, click Enable in the Operation column of the target rule.

**Figure 3** Enabling an SQL injection detection rule

Figure 3 Enabling an SQL injection detection rule

When the status of an SQL injection detection rule is Enabled, SQL injection detection is enabled successfully.