I have a vulnerable web server behind a R80.10 Security gateway. I activated a strict IPS profile on the gateway.
When i use a machine in front of the firewall module to make simple attacks on the web server the FW properly detects and blocks SQLi attempts, but not command injection such as inserting " ;ls " in a field.
This behavior is exactly the same for https and http traffic.
Is there a specific feature to enable or specific configuration for the firewall to be able to block command injection attacks ?
Thank you in advance.