Blog What We Do Support Community
Login Sign up

Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit

by Pasha Kravtsov.

Drupal has recently announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). In response we have just pushed out a rule to block requests matching these exploit conditions for our Web Application Firewall (WAF). You can find this rule in the Cloudflare ruleset in your dashboard under the Drupal category with the rule ID of D0003.

Drupal Advisory:

comments powered by Disqus