Hello,
i have a question about form hardening on the XG firewall (SFOS version: see signature under the post).
I am in the process of creating a Web Server Protection Policy according to the Technician Guide and have chosen the highest security level appropriate for me and the situation. The web server is a Nextcloud v18 installation. I have created the protection policy as follows:
The first error starts directly with the login page of Nextcloud, I get a so called form_hardening error for the login form. It seems to be enough that the page is only loaded. I have not entered anything into the form yet neither have I submitted it.
SFVH_VM01_SFOS 18.0.0 GA-Build354# tail -f reverseproxy.log | grep form_hardening[Sat Apr 11 01:34:22.260276 2020] [form_hardening:error] [pid 14058:tid 139927475971840] [client x.x.x.x:60674] Form validation failed: Received unhardened form data[Sat Apr 11 01:34:22.344610 2020] [form_hardening:error] [pid 14058:tid 139927467579136] [client x.x.x.x:60673] Form validation failed: Received unhardened form data[Sat Apr 11 01:34:34.222704 2020] [form_hardening:error] [pid 14058:tid 139927459186432] (22)Invalid argument: [client x.x.x.x:60676] No form context found when parsing <input> tag[Sat Apr 11 01:34:34.457881 2020] [form_hardening:error] [pid 14058:tid 139927459186432] [client x.x.x.x:60676] Form validation failed: Received unhardened form data
Then I added an exception to the WAF Rule as follows:
And now I "just" receive this error:
SFVH_VM01_SFOS 18.0.0 GA-Build354# tail -f reverseproxy.log | grep form_hardening[Sat Apr 11 01:26:54.244434 2020] [form_hardening:error] [pid 12634:tid 140536161761024] [client x.x.x.x:60625] Form validation failed: Received unhardened form data
So it seems that I was able to fix at least part of the error with the added exception. But how do I now tackle the remaining error?
Looking forward to your answers!
This thread was automatically locked due to age.
