Header Value Exception
Setting Exceptions for Specific Header Field Values
1. Check Security Log
First, check the header field values that require exception handling in the detection log.
| Item | Description |
|---|---|
| Target Information | Displays detailed information about the detected attack target. |
| Attack Type | Displays the type of detected attack and detailed pattern content. |
| Header | Displays the actual Header value detected within the HTTP protocol. |
2. Exception Handling via User Defined Pattern Creation
1) Access Policy Settings Menu
Go to [POLICY] > (Select Company) > (Double-click Domain Group) > [SET POLICY], or click [OPEN POLICY SETTINGS] on the log screen.
2) Register Pattern
Click the [REGISTER PATTERN] button in the [HEADER FIELD VALUE POLICY] menu to register the pattern for exception handling.
3) Set Exception (ALLOW)
Set the action of the registered pattern to ALLOW to create an allow rule.
4) Adjust Priority
Adjust the priority to the top so that the set exception (ALLOW) rule is applied before the blocking rule, then save.
3. Disable Header Field Value Policy (Global Exception)
1) Access Policy Settings Menu
Go to the [POLICY] > (Select Company) > (Double-click Domain Group) > [SET POLICY] menu.
2) Disable Policy (Set to NONE)
Check the header value and security pattern currently being blocked, then change the action to NONE.
3) Check Application Results
To verify if the settings have been applied correctly, forcibly trigger an event and check that no more block logs are generated.