This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAS/WAF exception does not work

i don't know whether i made a wrong setup, but seem the exception function under web application security did not skip as a put it.

my setup ...
Skip these checks:
SQL Injection Filter
Cross Site Scripting (XSS) Filter

web request matching this path:
domain.com/crm/admin/index.php
domain.com/crm/admin/index.php*

with above setup, still blocked.. anyone could help on this ??

This thread was automatically locked due to age.

Parents

0 Scott_Klassen over 13 years ago

From the admin guide/in-line help:
Paths: Add the paths that are to be exempt from the selected check(s), in the form of e.g. /products/images/*.

Don't put the domain.com, that information is already assumed. By doing so, you're telling it to match against domain.comdomain.com/crm/admin/index.php.

try just "/crm/admin/index.php" and "/crm/admin/index.php/*"(without quotes) and see if it helps.

To see the in-line help, click on the question mark in the upper right of WebAdmin. It will always show you the page relevant to your current location in WebAdmin.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Scott_Klassen over 13 years ago

From the admin guide/in-line help:
Paths: Add the paths that are to be exempt from the selected check(s), in the form of e.g. /products/images/*.

Don't put the domain.com, that information is already assumed. By doing so, you're telling it to match against domain.comdomain.com/crm/admin/index.php.

try just "/crm/admin/index.php" and "/crm/admin/index.php/*"(without quotes) and see if it helps.

To see the in-line help, click on the question mark in the upper right of WebAdmin. It will always show you the page relevant to your current location in WebAdmin.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 akmal over 13 years ago in reply to Scott_Klassen

did that previous, and again just now. but still same result.

Forbidden

You don't have permission to access /crm/admin/index.php on this server.

i've also tried using based "web clients coming from these source network" but still same. as if it does not read the setting at all.
Cancel
Vote Up 0 Vote Down

Cancel