Dave_Pisarek (Cirrus)
Jan 09, 2020
ASM disallowed url %
All,
Running into an issue with disallowed URLs on ASM. We needed to block the ECP in OWA, like so: https://owa.host.com/ecp. This works as expected just by adding /ecp to the disallowed list. If you use Trustwave or another filter that changes the URL to the below example, you bypass the /ecp block:
https://owa.host.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fowa.host.com%2fecp%2f
I need to be able to block this request as well, but I am unable to figure out how to have ASM detect the %2fecp%2f.
Any thoughts?
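
Added example, not part of the original post and not an ASM configuration: the check the post asks for, written as Python that percent-decodes each query parameter value, parses it as a URL, and applies the disallowed list to that nested path as well as to the request path. The function names, the decode-round limit and the handling of double-encoded values are assumptions for illustration.

```python
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumption: mirrors the post's disallowed-URL list; matched case-insensitively.
DISALLOWED_PREFIXES = ("/ecp",)
MAX_DECODE_ROUNDS = 3  # assumption: bound on nested percent-encoding layers


def _path_is_disallowed(path):
    path = path.lower()
    # Match /ecp and anything below it, but not unrelated paths such as /ecpfoo.
    return any(path == p or path.startswith(p + "/") for p in DISALLOWED_PREFIXES)


def _fully_decode(value):
    """Percent-decode repeatedly so a double-encoded %252fecp is also normalised."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_disallowed_target(request_url):
    """Return (source, path) for the first disallowed path found, else None.

    source is "path" for the request path itself, or the name of the query
    parameter whose decoded value points at a disallowed location.
    """
    parts = urlsplit(request_url)
    if _path_is_disallowed(_fully_decode(parts.path)):
        return ("path", parts.path)
    # parse_qsl already decodes one layer; _fully_decode removes any further ones.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        candidate = _fully_decode(value)
        try:
            # The value may be an absolute URL (https://host/ecp/) or a bare path.
            nested_path = urlsplit(candidate).path
        except ValueError:
            continue  # value cannot be parsed as a URL, so it has no path to test
        if _path_is_disallowed(nested_path):
            return (name, nested_path)
    return None
```
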