
WAF rules and IIS redirects with trailing slashes

Situation.

We have a WAF rule with several test sites in the domains list. Example below.

test1.testurl.com

test2.testurl.com

test3.testurl.com

test4.testurl.com

These all point to one IIS. On the IIS these are all separate sites.

When we request a URL to a directory on one of those sites and we do not add the trailing slash, IIS will, by default, if the directory exists on the webserver, send a 301 redirect back to the firewall and add a slash, telling the firewall to check the URL with the slash behind it. It probably sends the relative path back to the firewall.

We would expect that the firewall then opens that same URL with the slash added.

However, the firewall does not do that.

When we request test4.testurl.com/NL we would expect the firewall to then request test4.testurl.com/NL/

However, the firewall opens test1.testurl.com/NL/

If we change the order of the WAF rules, it will always open the top one in the domains list. Why does this happen?



  • I have found out today that it has to do with the webserver, IIS, sending a courtesy 301 redirect.

    It detects that the directory exists, and then sends it back to the firewall. The firewall then interprets this redirect incorrectly and changes the URL.
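
A check for the behaviour described in this thread, added here as an example and not part of the original posts: it compares the host in a redirect's Location header with the host that was requested, so a trailing-slash redirect that lands on a different site in the WAF rule is flagged. The hostnames are the ones from the question; the function names, the https scheme and the sample observations are assumptions constructed for the example.

```python
from urllib.parse import urljoin, urlsplit

# Hostnames from the WAF rule's domains list in the question.
WAF_DOMAINS = ["test1.testurl.com", "test2.testurl.com",
               "test3.testurl.com", "test4.testurl.com"]

def classify_redirect(request_url, status, location, waf_domains=WAF_DOMAINS):
    """Classify a trailing-slash redirect as seen by the client through the WAF.

    Returns "not-a-redirect", "ok", "host-rewritten" (another domain of the
    same WAF rule), "foreign-host" or "unexpected-path".
    """
    if status not in (301, 302, 307, 308) or not location:
        return "not-a-redirect"
    req = urlsplit(request_url)
    # Resolve relative Location values against the requested URL, as a browser does.
    target = urlsplit(urljoin(request_url, location))
    req_host = (req.hostname or "").lower()
    tgt_host = (target.hostname or "").lower()
    if tgt_host != req_host:
        if tgt_host in (d.lower() for d in waf_domains):
            return "host-rewritten"
        return "foreign-host"
    # Same host: the only expected change is the appended slash.
    if target.path != req.path + "/":
        return "unexpected-path"
    return "ok"

# Constructed observations (request URL, status, Location header), not captured traffic.
SAMPLE_OBSERVATIONS = [
    ("https://test4.testurl.com/NL", 301, "https://test1.testurl.com/NL/"),
    ("https://test4.testurl.com/NL", 301, "/NL/"),
    ("https://test2.testurl.com/NL", 301, "https://test2.testurl.com/NL/"),
    ("https://test3.testurl.com/NL/", 200, None),
]

def audit(observations=SAMPLE_OBSERVATIONS):
    """Return (request_url, location, verdict) for every redirect that is not 'ok'."""
    findings = []
    for url, status, location in observations:
        verdict = classify_redirect(url, status, location)
        if verdict not in ("ok", "not-a-redirect"):
            findings.append((url, location, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit():
        print(finding)
```

Feeding it the status and Location header recorded for each hostname in the rule, once through the firewall and once directly against IIS, shows on which side the host changes.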
