This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewalls, URL Signing and Form Hardening

We've installed Sophos UTM and are running various web sites behind it. Sophos has two options "Form hardening" and "Static URL hardening" that are intended to protect your web site from hackers.

It does this be inspecting the content in a page and, in brief, checking that when the client makes requests from that page that they are valid.

However this causes problems with some of our web sites where they dynamically construct URLs (for example an Ajax request) in Javascript, such URLs are not seen as valid and are blocked by the firewall. MyLabCorp

My question is is this type of firewall protection going to become an increasingly common thing that I, as a web developer, am going to have to code around? Or is this always going to be a niche thing that will only work for certain web sites?

I can't find an awful lot of chatter about this topic on the web, so any thoughts would be very welcome.



This thread was automatically locked due to age.
Parents
  • Hi and welcome to the UTM Community!

    Copy here the line from the Web Application Firewall log where your URL was blocked.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi and welcome to the UTM Community!

    Copy here the line from the Web Application Firewall log where your URL was blocked.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data