This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF path exclusion refresher

Hey gang, thanks for all of the help on my previous inquiry.

I'm adding a URI to the exception list in my WAF. lets pretend the web URL is htt ps ://fluffybunnyslippers. com/Application/SuperSoft.aspx?Data=fbjcXTQjk6f230%2fyZ%2bIdrRgLysGWabdrVHHQRYtuZUuYXSJXx48qVw

The URI /Application/SuperSoft.aspx keeps throwing a "URL file extension is restricted by policy" error.. so I added  /Application/SuperSoft.aspx* to the exclusion list and then clicked HTTP policy to bypass the HTTP_Policy scan. 

For good measure I restarted the WAF and ran another test.

The URI still pops the same rule.. am I entering the exception incorrectly?

 

Thanks

-jon



This thread was automatically locked due to age.