diff --git a/http/vulnerabilities/apache/shiro/shiro-deserialization-detection.yaml b/http/vulnerabilities/apache/shiro/shiro-deserialization-detection.yaml
index d653f638d2..d3fe896066 100644
--- a/http/vulnerabilities/apache/shiro/shiro-deserialization-detection.yaml
+++ b/http/vulnerabilities/apache/shiro/shiro-deserialization-detection.yaml
@@ -2,7 +2,7 @@ id: shiro-deserialization-detection
 
 info:
   name: Shiro <= 1.2.4 Deserialization Detection
-  author: hotpot
+  author: hotpot,j4vaovo
   severity: unknown
   description: |
     This template is designed to detect the Shiro framework's default key vulnerabilities. It leverages 51 built-in Shiro keys to probe for potential vulnerabilities.
@@ -29,9 +29,15 @@ http:
 
     req-condition: true
     stop-at-first-match: true
+    matchers-condition: and
     matchers:
       - type: dsl
         dsl:
           - 'contains(header_1, "Set-Cookie") && (contains(header_1, "rememberMe=") || contains(header_1, "=deleteMe"))'
           - '!contains(header_2, "rememberMe=") && !contains(header_2, "=deleteMe")'
         condition: and
+
+      - type: dsl # WAF Block Page
+        dsl:
+          - '!contains(body_2, "<p>当前访问疑似黑客攻击，已被网站管理员设置拦截并记录</p>")'
+        condition: and