Forum Discussion

sbobic_232506's avatar
sbobic_232506
Icon for Nimbostratus rankNimbostratus
Dec 15, 2015

Applying iRule to ASM policy - file upload form protection

So, I have found the following iRule which should block the upload of PHP files in file upload forms: when HTTP_REQUEST { if { [HTTP::header exists "Content-Disposition"] } { ...
ASM Advanced WAF
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Dec 16, 2015

An easier way might be to simply go to Application Security: File Types: Disallowed File Types, and then create a disallowed file type of .php. That should work. However, back to the iRule, can you go to Logs: Application Security and then review the log entries to see if your iRule fired? You might have to sort by timestamp to wade through all the entries, but a successful iRule event will be listed in the logs. If no iRule event is listed, then either the iRule hasn't been assigned to the VS, or it hasn't been assigned the correct security policy (make sure you save and apply policy after adding it), or the conditions in the iRule are not being met. Are you sure there is a Content-Disposition header in the POST ( I am assuming it's a POST) made to DVWA?