Help Center/ Database Security Service/ User Guide/ Configuring Audit Rules/ Enabling or Disabling SQL Injection Detection
Updated on 2024-04-16 GMT+08:00
View PDF
Share

Enabling or Disabling SQL Injection Detection

SQL injection detection is enabled by default. You can disable or enable the detection rules.

One piece of audited data can match only one SQL injection detection rule.

Prerequisites

  • You have purchased a database audit instance and the Status is Running.
  • You can enable SQL injection detection when the status is Disabled.
  • You can disable SQL injection detection when the status is Enabled.

Disabling SQL Injection Detection

SQL injection detection is enabled by default. You can disable the detection rules as required. When an SQL injection detection rule is disabled, the audit rule does not take effect.

  1. Log in to the management console.
  2. Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
  3. In the navigation tree, choose Rules.
  4. In the Instance drop-down list, select the instance for which you want to disable SQL injection detection.
  5. Click the SQL Injection tab.

    Only user-defined rules can be edited and deleted. Default rules can only be enabled and disabled.

  6. In the Operation column of a rule, click Set Priority. In the displayed dialog box, select a priority. The smallest number indicates the highest priority. Click OK.

    Figure 1 Configuring the priority

  7. Locate the SQL injection rule you want to disable, and click Disable in the Operation column.

    Figure 2 Disabling an SQL injection detection rule

    When the status of an SQL injection detection rule is Disabled, SQL injection detection is disabled successfully.

  8. In the Operation column of a rule, click Edit. Configure parameters and click OK.

    Figure 3 Editing an SQL injection rule
    Table 1 SQL injection rule parameters

    Parameter

    Description

    Example Value

    Name

    Name of an SQL rule.

    Postal Code SQL injection Rule

    Risk Level

    Level of risks matching a SQL rule. Its value can be:

    • High
    • Moderate
    • Low
    • No risk

    Moderate

    Status

    Enables or disables an SQL injection rule.

    • : enabled
    • : disabled

    Test Regular Expression

    Regular expression that checks for content in certain pattern.

    ^\d{6}$

    Data

    Content that matches the regular expression.

    Enter content and click Test to verify that the regular expression works properly.

    628307

    Result

    Test result. It can be:

    • Hit
    • Miss
      NOTE:

      If the test result is Hit, the regular expression is correct.

      If the test result is Miss, the regular expression is incorrect.

    Hit

  9. In the Operation column, click Delete.

Follow-Up Procedure

To restart an SQL injection detection rule, click Enable in the Operation column of the target rule.
Figure 4 Enabling an SQL injection detection rule

When the status of an SQL injection detection rule is Enabled, SQL injection detection is enabled successfully.

Parent topic: Configuring Audit Rules