Block URLs with specific characters
Is there a way to configure proxies to prevent requests to web servers with specific characters in the URL request? We have 1 older server that has files with 8.3 naming that could be susceptible to IIS tilde enumeration and right now we can't recreate the directory after disabling 8.3 filenames, so I'm looking to prevent any requests to the server that contain a tilde. There are other methods to do this, but I'd like to stop the requests before they get to the server.
Thanks!
0
Sign In to comment.
Comments
Yes, using an incoming HTTPS proxy, with Inspect enabled on an entry for a domain on an internal web server.
Then on the HTTP proxy action specified on the HTTPS proxy action, you can add 1 or more entries on the URL Paths section to deny access to, or parts of, a URL.
HTTP Request: URL Paths
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/http/http_req_url_paths_c.html
HTTPS-Proxy: Content Inspection
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_proxy_contentinspection_c.html