Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 7137 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAS/WAF exception does not work

akmal
i don't know whether i made a wrong setup, but seem the exception function under web application security did not skip as a put it. 

my setup ...
Skip these checks:
SQL Injection Filter
Cross Site Scripting (XSS) Filter

web request matching this path:
domain.com/crm/admin/index.php
domain.com/crm/admin/index.php*

with above setup, still blocked.. anyone could help on this ??


This thread was automatically locked due to age.
Parents
  • 0
    From the admin guide/in-line help:
    Paths: Add the paths that are to be exempt from the selected check(s), in the form of e.g. /products/images/*.


    Don't put the domain.com, that information is already assumed.  By doing so, you're telling it to match against domain.comdomain.com/crm/admin/index.php.

    try just "/crm/admin/index.php" and "/crm/admin/index.php/*"(without quotes) and see if it helps.

    To see the in-line help, click on the question mark in the upper right of WebAdmin.  It will always show you the page relevant to your current location in WebAdmin.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0 in reply to Scott_Klassen
    did that previous, and again just now. but still same result. 

    Forbidden

    You don't have permission to access /crm/admin/index.php on this server.

    i've also tried using based "web clients coming from these source network" but still same. as if it does not read the setting at all.
Reply Children
No Data
Unfiltered HTML