Since my customer require this feature and all its websites are "url parameters based" I read this in the Astaro manual :
It would be best practice to always enable both URL hardening and form hardening because those two functions are complementary [...] such page requests are blocked by form hardening because it expects a signature which is missing [...] The reason why activating both functions solves those issues is that in case either form hardening or URL hardening find that a request is valid, the server accepts the request.
But,
Activating Url hardening (with all possible parametered urls listed) does not resolve anything.
In another hand I find no way to bypass form hardening in spécific paths : exception tab does nothing, adding the rule number in 'Skip WAF rules' does nothing (99003)
So does someone know how god to get form hardening work with parametered urls ??
This thread was automatically locked due to age.
