Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Regular expession failing when adding a custom attack signature

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

Hi;

 

I am trying to add a custom attack signature for a header, aiming to prevent the injection of certain

headers. My approach is to use regular experssoins as the criteria instead of "contain string".

 

The problem is that this does not work. For example the regular expression ^badheader stating

the string must start with the header value, this expression does not seem to work. My question, is there

a certain syntax I need to use for this scenario.

 

Thank you

Wasfi

1 ACCEPTED SOLUTION

Hi Wasfi,

 

when Corona is over, you will have to invite me for a beer...

There is a syntax:

Attack and Bot Signature Syntax

 

And there is a regexp validator in ASM

Configuring General ASM System Options

Scroll down till you find Validating regular expressions. Pay attention that RE2 is recommended as the RegExp engine.

 

Cheers...

Daniel

View solution in original post

2 REPLIES 2

Hi Wasfi,

 

when Corona is over, you will have to invite me for a beer...

There is a syntax:

Attack and Bot Signature Syntax

 

And there is a regexp validator in ASM

Configuring General ASM System Options

Scroll down till you find Validating regular expressions. Pay attention that RE2 is recommended as the RegExp engine.

 

Cheers...

Daniel

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

Hi Daniel;

 

Australia is a great country to visit. If you do come to Sydney give me a yell and I will invite you for an Aussie beer at our local.

 

Thank you.

Wasfi