Forum Discussion

Nimbostratus

Jan 18, 2017

ASM Blocked Request Redirect URL:

The ASM blocked request is configured to redirect to a URL like this: http://www.myredirectpage.com/block_pg.php?support_id= <%TS.request.ID()%>. Besides the support ID, are there any other...

ASM Advanced WAF

security

samstep

Cirrocumulus

Jan 23, 2017

There are no other documented parameters apart from SupportID you can use on redirect.

It is not a good practice to include that information on the URL anyway, as it will be giving too much information to the attacker, who may find a way around your ASM policy and hack in. Unique reference number (SupportID) is all you should be giving to the users (who can be hackers).

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)