Upload Exception
Upload Policy Exception Settings
1. Check Security Log
Check the detection logs to identify the type and target of the blocked file upload attack.
| Item | Description |
|---|---|
| Target Information | Displays detailed information about the detected attack target. |
| Attack Type | Displays the type and pattern details of the detected attack. |
| Header | Displays the actual Header value detected within the HTTP protocol. |
| Body | Displays the actual Body value detected within the HTTP protocol. |
2. Upload Policy Exception by URL
This is a method to allow (apply exception to) upload policies only for specific URL paths.
1) Access Policy Settings Menu
Go to [POLICY] > [Company] > (Double-click Domain Group) > [SET POLICY], or click [OPEN POLICY SETTINGS] on the log screen.
2) Add Exception URL
After checking the URL where blocking occurred, add that URL to the policy list.
3) Default Template Exception
If blocked by a pattern provided by DeepFinder by default, set the policy of that pattern group to ALLOW in the added URL path.
4) Exception Handling after Creating User Template
If you need to allow separate extensions or conditions other than default patterns, create and register a user-defined pattern in the [TEMPLATE] > [UPLOAD FILE] menu.
| Item | Description |
|---|---|
| SYSTEM | Security patterns provided by DeepFinder by default. |
| USER | Security patterns newly registered by the user as needed. |
| Category | Item | Description |
|---|---|---|
| Group Info | Name | Enter the name of the upload file group. |
| Company | Set the company to apply the upload file group. | |
| Extension | Name | Enter the name of the individual upload file policy (pattern). |
| Risk | Select the risk level of the upload file. (High, Medium, Low) | |
| Extension | Enter the file extension to allow or block. |
5) Apply User Policy (Set ALLOW)
Find the newly added user policy in the URL Policy> (Select Policy URL) > [UPLOAD] menu and set it to ALLOW.
6) Adjust Priority
Set the priority of the added new pattern one step higher than the existing blocking pattern causing false positives, then save.
7) Check Application Results
To verify if the settings have been applied correctly, forcibly trigger an event, then check the setting status and whether block logs are generated.
3. Disable Upload Policy (Global Exception)
This is a method to release specific upload blocking policies for the entire domain group ([/]).
1) Access Policy Settings Menu
Go to the [POLICY] > [Company] > (Double-click Domain Group) > [SET POLICY] menu.
2) Disable Blocked Pattern (Set to NONE)
1. Select [/] (Entire Path) from the URL Policy List tab.
2. Click the [UPLOAD] tab.
3. Check the pattern or group currently being blocked, then change the action to NONE.
3) Check Application Results
To verify if the settings have been applied correctly, forcibly trigger an event, then check the policy setting status and block logs.