# SQL Injection Prevention

Prophaze WAF deployed  wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage . The most common sql injection methods blocked are .

* SQL comment sequence
* SQL hex sequence
* SQL String Termination
* SQL Operators Blocking
* Blocks SQL Tautologies
* Blocks Common Database Names
* Blind SQL injection Blocking
* Injection Character anomaly blocking
* Injection Payload Blocking
* MSSQL specific signatures
* SQL Integer overflow
* SQL sleep command exploit
* Prevents conditional SQL injection
* MySQL character switch injection
* SQL Authentication Bypass
* pg\_sleep injection
* Chained SQL Injection
* Stored procedure Injection
* UDF Injection using data structure manipulation
* Concatenated SQL Injection