# SQL Injection Prevention

Prophaze WAF deployed  wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage . The most common sql injection methods blocked are .

* SQL comment sequence
* SQL hex sequence
* SQL String Termination
* SQL Operators Blocking
* Blocks SQL Tautologies
* Blocks Common Database Names
* Blind SQL injection Blocking
* Injection Character anomaly blocking
* Injection Payload Blocking
* MSSQL specific signatures
* SQL Integer overflow
* SQL sleep command exploit
* Prevents conditional SQL injection
* MySQL character switch injection
* SQL Authentication Bypass
* pg\_sleep injection
* Chained SQL Injection
* Stored procedure Injection
* UDF Injection using data structure manipulation
* Concatenated SQL Injection


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.prophaze.com/protection-use-cases/sql-injection-prevention.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.