Forum Discussion
sbobic_232506
Dec 17, 2015Nimbostratus
Disallowing file types will make the web app inaccessible as it's made in PHP. Plus, as a pentester, I would like to have full control in order to block all file upload vulnerabilities(.php3, .phps, exif data, .htaccess shells etc)
All of my logs(illegal, and all requests) at Security > Event Logs > Application > Requests are empty. Maybe because I have set automatic learning mode, and I've started building the policy just yesterday.