Hi Syed,
I don't want the mx to completely not generating alert on this policy. I just want it to be able to identify a customized request content type defined by us, and then it won't need to fire the alert.
Under Policy > Security > HTTP/1.x Protocol Policy, I tried to expand the "Unauthorized Request Content Type" rule and add our customized content type in the "Allowed Content Types" list. but still have no luck. I'm still receiving many alerts of Unauthorized Request Content Type. Do I miss anything in the configuration?
Thank you.
------------------------------
Ken Chau
IT Manager
------------------------------
Original Message:
Sent: 12-10-2022 12:32
From: Syed Noor Fazal
Subject: Unauthorized Request Content Type
Hello Ken,
If you just want mx not to generate any alert, then just keep the policy action as no alert that should work.
------------------------------
Syed Noor Fazal
Product Support Engineer
Original Message:
Sent: 11-15-2022 21:10
From: Ken Chau
Subject: Unauthorized Request Content Type
Hi Syed,
We are using version 13.3 and seems it does not have the feature of Content-type Discovery.
By the way, we just want to stop generating the alert when the content-type matches our defined value, and there is no need to block any traffic.
Thanks.
------------------------------
Ken Chau
IT Manager
Original Message:
Sent: 11-12-2022 12:48
From: Syed Noor Fazal
Subject: Unauthorized Request Content Type
Hello Ken,
Thank you for the post, sharing below link which explains about content-type discovery feature,
https://docs.imperva.com/howto/3ce0843b
Working with Content-type Discovery
https://docs.imperva.com/bundle/v13.6-web-application-firewall-user-guide/page/70786.htm
https://docs.imperva.com/bundle/v14.6-web-application-firewall-user-guide/page/70947.htm
Let me know if this helps your requirement or not.
------------------------------
Syed Noor Fazal
Product Support Engineer
Original Message:
Sent: 11-11-2022 06:56
From: Ken Chau
Subject: Unauthorized Request Content Type
Dear all,
If our web application is using a customized value for the Content-type header field in different HTTP POST requests, is there any way to fine tune the application profile such that the Imperva WAF would recognize such customized value is valid and not to trigger alert?
Thank you!.
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Ken Chau
IT Manager
------------------------------