On Thursday, the Drupal Security Team issued a PSA on the Drupal 7 SQL injection vulnerability (SA-CORE-2014-005). The announcement underscores the importance of updating your server to Drupal 7.32.
Incapsula issued an update to our WAF rules on October 15 to protect against SA-CORE-2014-005. Customers who have the WAF enabled are protected against this vulnerability. To confirm SQL injection protection is on, log into your Incapsula account, go to Settings > WAF, and confirm that SQL Injection is set to Block Request.
The PSA goes on to state:
“Simply updating to Drupal 7.32 will not remove backdoors.”
For this reason, customers should also make sure that backdoor protection is enabled. To confirm that backdoor protection is enabled, log into your Incapsula account and go to Settings > WAF, and confirm that Backdoor Protect is set to Auto-Quarantine.
Incapsula will continue to monitor this vulnerability and issue further updates as appropriate.
For additional questions, please contact Incapsula support.