Hi all,
I'm trying to block multiple Parameter values using a Lookup Data Set, but it seems like it only works with Parameter names.
Example:
I create a Lookup Data Set "test" with default column (key) and add usernames that i want to block like: test, test1, test2
Policies i setup: Field = Parameters; Operation: At least one; Lookup Data Set = test
But it doesn't block requests with UserName=test at all.
Full payload: UserName=test&Password=hihihihehehe&AuthMethod=FormsAuthentication
If I no longer use parameter values and switch to parameter names instead, meaning the Lookup Data Set will be UserName, Password instead param value test, test1, test2, it will be blocked but block all request with param name=UserName or Password
Therefore, please help me create a policy that blocks parameter values in the payload using a Lookup Data Set.
Thank you.
#On-PremisesWAF(formerlySecuresphere)------------------------------
tuan nguyen
head of product development - fico
Tien Phong Commercial Joint Stock Bank
HA NOI
------------------------------