Forum Discussion
An easier way might be to simply go to Application Security: File Types: Disallowed File Types, and then create a disallowed file type of .php. That should work. However, back to the iRule, can you go to Logs: Application Security and then review the log entries to see if your iRule fired? You might have to sort by timestamp to wade through all the entries, but a successful iRule event will be listed in the logs. If no iRule event is listed, then either the iRule hasn't been assigned to the VS, or it hasn't been assigned the correct security policy (make sure you save and apply policy after adding it), or the conditions in the iRule are not being met. Are you sure there is a Content-Disposition header in the POST ( I am assuming it's a POST) made to DVWA?