Forum Discussion
1. In regards to the first question, do you have the tickbox selected for the "Illegal URL" violation? You can check this in Security -> App Security -> Blocking -> Settings. (If not, select it, save changes, and apply changes to policy.)
2. If you have listed php in your Allowed File Types but have not allowed the "/hhhhhhhhhh.php" URL, then any requests to that path will be blocked, assuming that:
   - 2.1 You have configured your policy to block requests to "Illegal URLs" (see 1.). An "Illegal URL" violation occurs when a matching HTTP path is not found in "Allowed URLs".
   - 2.2 A wildcard (*) is not in the "Allowed URLs" list.
tl;dr: Both are evaluated, the URL as well as the File Type. If a violation is triggered on either condition, the other condition cannot supersede and "unblock the request". Therefore, it's not relevant which condition is evaluated first.
Also note that ASM uses incorrect terminology, as 'Allowed URL' is technically an 'Allowed HTTP Path'. What's more, there are some problems with what ASM calls a 'Parameter', but that's not really related here. Just acknowledge that incorrect use of terminology is common in the module, and it will stretch out the learning curve or even contribute to some incidents because of misunderstanding.
Cheers Hannes. You rock!!
-Jinshu