2funky_105078
Sep 06, 2016Cirrus
ASM - order of precedence in denying rules
Hello,
- I have a list of few URLs allowed, which has been enforced OK.
- I finished the learning process (disabled both RTPB and learning for URL entities (set to Neve - Wildcard Only)
- I dont have any * wildcard in the allowed-URLs list
- I do have .php as allowed file extension
Why ASM does not block me a non-exisitng url like hhhhhhhhhh.php (why it uses rule 4 and not 1 to deny this page).
how can i allow only a limited set of URLs with a particular extension?
More in general, if there are overlapping policy rules in URLs/FileTypes, which ones are enforced first?