Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  URL to Parameter

    Posted 07-10-2023 22:50
    Edited by Almaz Kydyrbaev 07-10-2023 23:54     
    Good afternoon! We have Imperva WAF on-premise 14.7. In the Profile has several urls: 1) /web-api/orders/ , 2) /web-api/orders/24353630 , 3) ​​/web-api/orders/24353707/. Where the numbers are the dynamic part. 2 and 3 urls can be combined. They have different http parameters. How to separate them via Plugin URL to Parameter?  I made this expression (\/web-api\/orders\/)([0-9]+.). This expression merges with /web-api/orders/ Thank you in advance for your cooperation!


    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Almaz Kydyrbaev
    ------------------------------



  • 2.  RE: URL to Parameter

    Posted 07-11-2023 03:59

    Hi,

    Do it as a pattern.

    Go to the Profile. Open all "+" and click on the link.

    Remove the file name (ex. index.html) and save it.

    Next, go to the Patterns and open it to learn.

    Plagins are good but are working with RegExp. Regex are heavy on the system.



    ------------------------------
    Karol Gruszczynski
    IT Security Expert
    Trafford IT Sp. z o.o.
    Warsaw
    ------------------------------



  • 3.  RE: URL to Parameter

    Posted 07-11-2023 04:51 
    Thanks for the help!


    ------------------------------
    Almaz Kydyrbaev
    system administrator
    CJSC "Bank Companion"
    Bishkek
    ------------------------------

    Original Message


  • 4.  RE: URL to Parameter
    Best Answer

    Posted 07-11-2023 10:10

    Hi Almaz,

    For additional tuning tips, please see: https://community.imperva.com/blogs/jaired-anderson/2022/02/15/imperva-waf-gateway-tuning-web-profiles

    As Karol mentions, plugins should be considered as a last resort. Using patterns also has the benefit of automatically "cleaning up" the profile for you. (it must be done manually when using regex)



    ------------------------------
    Jaired Anderson
    Imperva
    ------------------------------