25-Jan-2017 12:34
25-Jan-2017 14:05
StewartL, what logging profile have you assigned? If it's All Requests then simply browsing the site will generate logs. To see illegal requests then does the site have search fields you can input sample malicious scripts? Or can you construct http requests which violate the RFC violations e.g. IP address as host header.
Just a few options.
HTH
N
26-Jan-2017 01:08
you could also use a tester like ZED or Burp to test the site, this should give you enough log output