01-Mar-2021 11:32
Hi;
I am trying to add a custom attack signature for a header, aiming to prevent the injection of certain
headers. My approach is to use regular experssoins as the criteria instead of "contain string".
The problem is that this does not work. For example the regular expression ^badheader stating
the string must start with the header value, this expression does not seem to work. My question, is there
a certain syntax I need to use for this scenario.
Thank you
Wasfi
Solved! Go to Solution.
01-Mar-2021 12:13
Hi Wasfi,
when Corona is over, you will have to invite me for a beer...
There is a syntax:
Attack and Bot Signature Syntax
And there is a regexp validator in ASM
Configuring General ASM System Options
Scroll down till you find Validating regular expressions. Pay attention that RE2 is recommended as the RegExp engine.
Cheers...
Daniel
View solution in original post
01-Mar-2021 17:45
Hi Daniel;
Australia is a great country to visit. If you do come to Sydney give me a yell and I will invite you for an Aussie beer at our local.
Thank you.
