Docs

Server Side Injection

What It Means

This request attempted to perform a Server Side Include (SSI) attack against your application.

Why It Matters

Server Side Includes are directives that a web server processes before sending a page to the visitor. An attacker who can inject SSI directives may be able to execute commands on your server, include sensitive files, or modify page output.

Common Triggers

Requests containing SSI directives like <!--#exec or <!--#include in input fields or URL parameters. These are automated scans probing for SSI-enabled servers.

What To Do

SSI injection attempts are always malicious. These blocks are safe to leave in place. No action is typically required.