Create security policies for Sites with URL's that have dynamically generated legion key
Good afternoon,
I have started the creation process for security policies for a number of our websites. The problem is that the websites' URL's contain a dynamically generated session legion key at the end of the URL for each customer session and I can't seem to get the ASM to recognise that the legion key is a dynamic element in the URL. The real traffic policy sees each URL with it's new legion key as an explicit NEW URL, the outcome of this is that I have over 600 'Illegal' URL's to either accept or clear for a website that has 7 pages for each site (and corresponding URL's)
How do I go about Specifying that the trailing Legion is dynamic while the proceeding path is not?
For example Session1 = https://something.com/quote/legion key1 >https://something.com/details/legion key 1 > https://something.com/bank details/legion key 1 > https://something.com/Thanks/legion key 1
would look like this for the next customer session:
Session1 = https://something.com/quote/legion key2 >https://something.com/details/legion key2 > https://something.com/bank details/legion key2 > https://something.com/Thanks/legion key2
So I would like to know how to have legion key1 and Legion key2 correlated as dynamic data while
https://something.com/quote/ https://something.com/details/ https://something.com/bank details/ https://something.com/Thanks/
are the static URL elements??