This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Firewall blocking files

Working with a client on setting up WAF for their webservers. All seems to be going well except for one page.  There is a page that allows people to see PDF files in their browser without downloading them.

For example, the url might be something like this

https://www.contoso.com/Contracts/Report.ashx?name=AcmeCorp-AA-01.PDF

What happens is the real web server reaches back to a file server (of some sorts) to pull up this PDF file for viewing.  What the end user gets is some generic Sophos block page saying that the requested URL was blocked.  I have completely removed all firewall profiles from the virtual webserver and still have had no luck.  If you look in the log,  you will see something similar to:

fw01-2 httpd[5097]: [proxy_http:error] [pid 5097:tid 3726895111] (20014)Internal error (specific information not available): [client x.x.x.x:63171] AH01110: error reading response

fw01-2 httpd: id="0299" srcip="x.x.x.x" localip="y.y.y.y" size="802" user="-" host="x.x.x.x" method="GET" statuscode="502" reason="-" extra="-" exceptions="-" time="3647" url="/contracts/report.ashx" server="www.contoso.com" port="443" query="" referer="-" cookie="-" set-cookie="-" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" uid="YAX6DG28az0Gb0YinLHZAAAPg"

Not sure where the breakdown is on this.

 



This thread was automatically locked due to age.
Parents Reply Children
No Data