Web Application Firewall

17:12 UTC, Apr-21-2020 – Systems has reactivated the WAF. However, the rule that caused the HTTP 406 Not Acceptable errors for customers earlier today remains deactivated for the time being.

14:58 UTC, Apr-21-2020 – We have temporarily disabled the WAF due to reports from customers. Once we have reviewed them, we will update this post accordingly.

14:18 UTC, Apr-21-2020 – The Pressable systems team has deployed a Web Application Firewall (WAF) across our network. The WAF will make sites hosted on our platform more secure by blocking common attack vectors, such as SQL injection.

When the WAF is triggered, our servers will return an HTTP 406 Not Acceptable response code.

While our systems team has tested the WAF rules extensively, there is a chance that the rules may flag and block legitimate requests. In the event that this happens, please contact the Pressable Customer Success team for assistance.

Additionally, our systems team has implemented rate limiting on requests made to assets or pages that return an HTTP 404 Not Found response code. When excessive requests are made to assets or pages that return a 404 error, our servers will return an HTTP 428 Precondition Required response code.

If you have any questions or concerns about the steps we’re taking to improve the security and functionality of your sites hosted on our platform, do not hesitate to contact the Pressable Customer Success via MyPressable Control Panel or email, at help[@]pressable.com.