What is the significance of staging with allowed file types?
Hi;
I understand the significance of stagin with attack signatures. However, I am trying to understand it for an allowed file type.
Let's say that PHP is a file type in the list of allowed file types, and let's say that the wildcard file type has been removed from this list. In this case, does for PHP file type being "in staging" mean that it will be blocked until the 7 day staging period had elapsed?
Of course assuming that all other conditions for blocking are satisfied, like "Blocking" enforcement mode and the block flag for illegal file types being ticked.
Kindly
Wasfi
Hi Wasfi_Bounni,
configuring file types is more than just adding a file extension like .php to an allow list, file types also have attributes like URL Length, Request Length, Query String Length or POST Data Length. Also Response Signatures, attack signatures that are designed to inspect responses, can be applied to file types.
The verify that all these attributes and signatures are configured correctly and to avoid false positives, you can (should) perform staging on file types.Makes sense?
KR
Daniel