Regular expession failing when adding a custom attack signature
Hi;
I am trying to add a custom attack signature for a header, aiming to prevent the injection of certain
headers. My approach is to use regular experssoins as the criteria instead of "contain string".
The problem is that this does not work. For example the regular expression ^badheader stating
the string must start with the header value, this expression does not seem to work. My question, is there
a certain syntax I need to use for this scenario.
Thank you
Wasfi
Hi Wasfi,
when Corona is over, you will have to invite me for a beer...
There is a syntax:
Attack and Bot Signature Syntax
And there is a regexp validator in ASM
Configuring General ASM System Options
Scroll down till you find Validating regular expressions. Pay attention that RE2 is recommended as the RegExp engine.
Cheers...
Daniel