If you've configured the Invalid URL Handler manually, all modifications are lost. Reenabling logging disables the Invalid Url Handler.
Invalid URL Handler was enabled when the wizard was run for the last time. Note that you must run the wizard again after enough data have been collected in order to create new rules. This skips the creation of new rules and terminates the wizard. To do so, activate the option Reenable Logging. VWAF to collect enough relevant data, or if you've added new functions to your web application. You should continue logging for some more time if you feel that the learning period might have been too short for (This option is only available in a repeated run of the wizard after the option Invalid URL Handler: valid-url-pattern, valid-full-url-pattern.įor more information regarding Wizards, see Whitelist Handler: protected-form-fields, allow-unknown-form-fields If you’ve edited the Whitelist Handler or the Invalid URL Handler manually, review the following settings after running the Suggest Rules Wizard: The Suggest Rules Wizard may overwrite some settings of the Whitelist Handler and of the Invalid URL Handler. Be cautious if you’ve already edited custom rules (handlers). Within the status display of the administration interface, a corresponding message appears in the Application Status sectionĪTTENTION The Suggest Rules Wizard is primarily intended to create an initial security configuration. If one of these databases grows too big, logging automatically stops on this slave for this application (but is continued on other slaves and for other applications). There is a separate database for each application and on each slave. The size of the databases that hold the collected data is limited. An alternative method can also running the Wizard on a test system on which all relevant pages are tested in depth. The other important thing is that it’s not always the same pages that are called up, but in fact all pages with data from all form fields. About one thousand hits usually provide a solid basis.
How long you should wait between the first and second run of the wizard primarily depends on the traffic, structure and complexity of your web application. This handler logs the response data of your web application and analyzes this data in regard to URIs and arguments.Ģnd run: When you run the Suggest Rules Wizard again after some time, it automatically creates rules based on the collected data. The Suggest Rules Wizard must be run twice:ġst run: When you run it for the first time, it activates the The Suggest Rules Wizard can automatically create initial security configuration rules for your specific web application. Wizards tab when you’ve selected an application in the navigation area. You can start this application-specific wizard on the
0 kommentar(er)
