URL Restrict Exception
Request to Allow URL Limit Policy
1. Check Security Log
Identify the URL that requires exception handling.
| Item | Description |
|---|---|
| Target Information | Displays detailed information about the detected attack target. |
| Attack Type | Displays the type and pattern details of the detected attack. |
| Header | Displays the actual value detected in the HTTP protocol header. |
2. Exception Handling via URL Limit Policy User Template Creation
2-1) [POLICY] > (Company) > (Double-click Domain Group) > [SET POLICY] (or click [OPEN POLICY SETTINGS] from Log)
2-2) URL LIMIT POLICY – Add pattern to be excepted via Pattern Registration
2-3) Set Registered Pattern to ALLOW
2-4) Change Priority After Setting Exception
3. Global Exception for URL Limit Policy
3-1) [POLICY] > (Company) > (Double-click Domain Group) > [SET POLICY] (or click [OPEN POLICY SETTINGS] from Log)
3-2) Check the blocked security pattern group and change specific patterns to NONE
3-3) Check Application Results
To verify if the settings have been applied correctly, forcibly trigger an event, then check the setting status and whether block logs are generated.
Note
Precautions
Security patterns blocked in the URL Limit Policy cannot be configured individually per URL. Also, even if registered as a security pattern, the ‘URL Limit Policy’ and ‘URL Security Policy’ operate differently, so please be aware of the differences below when configuring.
※ Difference between URL Limit Policy and URL Security Policy
1. URL Limit Policy
Detects by inspecting all strings included in the URI, even if Parameter (Param) values do not exist.
* ex) http://domain.com/test?select * from test (Detectable)
* ex) http://domain.com/test?test=select * from test (Detectable)
2. URL Security Policy
Detects by inspecting the value only if a Parameter (Param) value exists.
* ex) http://domain.com/test?select * from test (Not Detectable)
* ex) http://domain.com/test?test=select * from test (Detectable)