Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  Profile Optimization

    Posted 09-21-2023 06:49

    Dear all,

    Hope you'll doing good!!

    In profile optimization, for URL and their parameters has some updates. For eg: what if Base64 has enabled in the below image.

    For all our sites has file uploading in image, pdf etc., So when Base64 is enabled it captures in SQL Injection, XSS, etc., So we required some information, how it works.

    Which is converted in the highlighted format. Kindly let us know if anyone have idea about this.


    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Jagadesh Kumar R
    Information Security Group, Manager
    The Karur Vysya Bank Limited
    Karur
    ------------------------------


  • 2.  RE: Profile Optimization

    Posted 09-22-2023 00:01

    Dear Jagadesh,

    I noticed your post on the Imperva community forum regarding Base64 encoding. I'm here to assist you!

    Here's a quick guide to configuring Base64 encoding on SecureSphere:

    1. Additional Configuration:

    • To use Base64 encoding, you'll need to make some additional configurations on SecureSphere.

    2. Profile Settings:

    • Once configured, the profile will switch from using encoded values to using decoded values for enforcement.

    3. Profile Learning:

    • If your profile was set to automatic learning, you may need to switch the profile mode to learning to ensure proper use of decoded values for enforcement.

    For a more in-depth understanding and step-by-step instructions, check out this article: Base64 Encoding Configuration Guide.

    Feel free to reach out if you need further assistance!

     



    ------------------------------
    Nikhil Nandode
    ------------------------------