Evasion Request

What It Means

This request was formatted in a way designed to bypass the security filters of the WAF.

Why It Matters

Evasion techniques indicate a sophisticated attacker who is aware that a WAF is present and is actively trying to circumvent it. These requests use encoding tricks, character substitution, or protocol manipulation to disguise attack payloads so they pass through security rules undetected.

Common Triggers

Requests with double-encoded characters, unusual Unicode representations, null bytes inserted into attack strings, or other obfuscation techniques designed to fool pattern-matching security rules.

What To Do

These blocks are always legitimate and indicate active attack activity. They are safe to leave in place. No action is typically required.