- samstep (Cirrocumulus)
It looks like your requirement is to allow only two URLs in your ASM policy to protect an API; however, what you are trying to do is to write an attack signature which will block all requests and only allow API ones. This is inefficient and difficult to configure and debug, as you may have noticed.
A better and cleaner approach would be to simply create those two API URLs (ending *r_code and *r_key) as the only allowed URLs in the policy (e.g. delete the * wildcard) and make sure that 'Illegal URL' is set to 'Block' - that's it! All other requests will be blocked automatically without a need to write and maintain custom Attack Signatures.
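
An added example, not part of the reply above and not F5 code: a small Python model of the allow-list approach that replays request lines against the two allowed URL patterns and reports which paths would be flagged as Illegal URL, with and without the `*` wildcard. The sample requests and the `/api/v1/` prefix are constructed, and shell-style glob matching is an assumption standing in for the policy's wildcard matching.

```python
from collections import Counter
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# The two allowed URL patterns named in the reply; anything else is denied.
ALLOWED_URLS = ["*r_code", "*r_key"]

# Constructed sample request lines ("METHOD target"), not real traffic.
SAMPLE_REQUESTS = [
    "POST /api/v1/r_code",
    "GET /api/v1/r_key?client=42",
    "GET /api/v1/r_key/../admin",
    "GET /index.html",
    "POST /api/v1/r_code.bak",
    "GET /api/v1/status",
]


def url_path(target):
    """Return the URL path only; the query string is not part of the URL match."""
    return urlsplit(target).path


def is_allowed(target, allowed=ALLOWED_URLS):
    """Default deny: a request passes only if its path matches an allowed pattern."""
    path = url_path(target)
    return any(fnmatchcase(path, pattern) for pattern in allowed)


def audit(lines, allowed=ALLOWED_URLS):
    """Return (allowed_count, Counter of paths that would be 'Illegal URL')."""
    allowed_count = 0
    illegal = Counter()
    for line in lines:
        _method, target = line.split(None, 1)
        if is_allowed(target, allowed):
            allowed_count += 1
        else:
            illegal[url_path(target)] += 1
    return allowed_count, illegal


if __name__ == "__main__":
    ok, illegal = audit(SAMPLE_REQUESTS)
    print(f"allowed: {ok}")
    for path, hits in illegal.most_common():
        print(f"Illegal URL x{hits}: {path}")
    # With the catch-all wildcard left in the list, nothing is ever illegal.
    print("with '*':", audit(SAMPLE_REQUESTS, ALLOWED_URLS + ["*"])[0], "allowed")
```

Running the same audit over paths exported from real access logs before removing the wildcard shows whether any legitimate client uses a URL outside the two patterns.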