Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 3505 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Images not showing in WAF

krowczynski
Hello,

i have the error that images are not showing on my WAF. All other things are working correctly.

Maybe someone can help me here?

Thanks


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson
    Hi,

    Please post the exact version of UTM: 9.???-???

    Also, what appears in the WAF log and those in #1 in http://www.astaro.org/gateway-products/general-discussion/49065-rulz.html?

    Cheers - Bob


    Hi,

    the version is 9.107-33.
    Here a quick look at the log, when I open the page with the images.
    --




    Live Log: Web Application Firewall




    Filter:



     


    Autoscroll


    Reload 



    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.066691 2014] [url_hardening:warn] [pid 31178:tid 3796167536] [client 10.200.6.26:56371] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.266742 2014] [url_hardening:warn] [pid 31178:tid 3729025904] [client 10.200.6.26:56372] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="2424" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="1958460" url="/vmi/public/test.jspx" server="vmi.hl-stahlservice.de" referer="-" cookie="-" set-cookie="JSESSIONID=48247db1f41636d36c9c197c7e93; Path=/vmi"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="2437" user="-" host="10.200.6.26" method="GET" statuscode="404" reason="-" extra="-" time="64926" url="/vmi/css/showcase_overrides_ie.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.420497 2014] [url_hardening:warn] [pid 31178:tid 3770989424] [client 10.200.6.26:56376] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="1140" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="23871" url="/vmi/css/showcase_layout.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.445831 2014] [url_hardening:warn] [pid 31178:tid 3770989424] [client 10.200.6.26:56376] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.485775 2014] [url_hardening:warn] [pid 31178:tid 3930450800] [client 10.200.6.26:56374] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.473762 2014] [url_hardening:warn] [pid 31178:tid 3913665392] [client 10.200.6.26:56375] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.689940 2014] [url_hardening:warn] [pid 31178:tid 3729025904] [client 10.200.6.26:56377] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="390" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="639685" url="/vmi/css/showcase_overrides.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.723566 2014] [url_hardening:warn] [pid 31178:tid 3796167536] [client 10.200.6.26:56371] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="8566" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="409922" url="/vmi/xmlhttp/css/xp/xp.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.780322 2014] [url_hardening:warn] [pid 31178:tid 3930450800] [client 10.200.6.26:56374] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.825322 2014] [url_hardening:warn] [pid 31178:tid 4081519472] [client 10.200.6.26:56384] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="76" user="-" host="10.200.6.26" method="GET" statuscode="404" reason="-" extra="-" time="386298" url="/vmi/xmlhttp/css/xp/xp_ie.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.860756 2014] [url_hardening:warn] [pid 31178:tid 3913665392] [client 10.200.6.26:56375] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="11799" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="6574" url="/vmi/images/header_right.png" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.868816 2014] [url_hardening:warn] [pid 31178:tid 3913665392] [client 10.200.6.26:56375] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="2437" user="-" host="10.200.6.26" method="GET" statuscode="404" reason="-" extra="-" time="431215" url="/vmi/css/showcase_style_ie.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="59277" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="145504" url="/vmi/xmlhttp/1392047275472/ice-extras.js" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: [Wed Feb 12 06:12:02.936769 2014] [url_hardening:warn] [pid 31178:tid 3737418608] [client 10.200.6.26:56390] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="2436" user="-" host="10.200.6.26" method="GET" statuscode="404" reason="-" extra="-" time="283870" url="/vmi/css/showcase_layout_ie.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:02 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="22246" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="265594" url="/vmi/xmlhttp/1392047275472/icefaces-d2d.js" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="7634" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="185732" url="/vmi/css/showcase_style.css" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: [Wed Feb 12 06:12:03.044307 2014] [url_hardening:warn] [pid 31178:tid 3930450800] [client 10.200.6.26:56374] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:03 mail-2 reverseproxy: [Wed Feb 12 06:12:03.060148 2014] [url_hardening:warn] [pid 31178:tid 4081519472] [client 10.200.6.26:56384] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:03 mail-2 reverseproxy: [Wed Feb 12 06:12:03.062116 2014] [url_hardening:warn] [pid 31178:tid 3796167536] [client 10.200.6.26:56371] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="3940" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="5304" url="/vmi/images/header_left.png" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93; ice.sessions=OBXljhGx_ywadWWJUEwDLA#1; updates=; ice.lease=1392181922992; bconn=-" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="575" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="9209" url="/vmi/images/flags/de.png" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93; ice.sessions=OBXljhGx_ywadWWJUEwDLA#1; updates=; ice.lease=1392181922992; bconn=-" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="34902" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="246412" url="/vmi/block/resource/LTEyODkzNzA2Nw==/" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="151" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="167893" url="/vmi/xmlhttp/blank" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="36718" user="-" host="10.200.6.26" method="GET" statuscode="200" reason="-" extra="-" time="275712" url="/vmi/block/resource/LTEyODkzNjE3MA==/" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93" set-cookie="-"
     
    2014:02:12-06:12:03 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="2439" user="-" host="10.200.6.26" method="GET" statuscode="404" reason="-" extra="-" time="22874" url="/vmi/public/images/mybe.ico" server="vmi.hl-stahlservice.de" referer="-" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93; ice.sessions=OBXljhGx_ywadWWJUEwDLA#1; updates=; ice.lease=1392181922992; bconn=-" set-cookie="-"
     
    2014:02:12-06:12:04 mail-2 reverseproxy: [Wed Feb 12 06:12:04.065646 2014] [url_hardening:warn] [pid 31178:tid 3796167536] [client 10.200.6.26:56371] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     
    2014:02:12-06:12:04 mail-2 reverseproxy: srcip="10.200.6.26" localip="80.150.113.201" size="35" user="-" host="10.200.6.26" method="POST" statuscode="200" reason="-" extra="-" time="6292" url="/vmi/block/receive-updates" server="vmi.hl-stahlservice.de" referer="https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx" cookie="JSESSIONID=48247db1f41636d36c9c197c7e93; ice.sessions=OBXljhGx_ywadWWJUEwDLA#1; updates=; ice.lease=1392181922992; bconn=OBXljhGx_ywadWWJUEwDLA:1" set-cookie="-"
     
    2014:02:12-06:12:05 mail-2 reverseproxy: [Wed Feb 12 06:12:05.063983 2014] [url_hardening:warn] [pid 31178:tid 3913665392] [client 10.200.6.26:56375] Found invalid signature in Referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx, referer: https://vmi.hl-stahlservice.de:4000/vmi/public/test.jspx
     --
  • 0 in reply to krowczynski
    Hi,

    I have the same problem (UTM 9.2).

    Without WAF, the website loads perfectly fine but as soon as I enable WAF, all images and css disappear. WAF log shows 404-errors for images/css similar to the log posted above.

    example: 
    statuscode="404" reason="-" extra="-" exceptions="-" time="31450" url="/domain.com/tl_files/css/reset.css" server="domain.com" referer="http://domain.com/"
Unfiltered HTML