Karthik_Krishn1
Feb 17, 2016Cirrostratus
Block keywords
Hello,
I am looking for a way to block access based on the presence of certain keywords contained within the URL. For eg:
GET /ctc/servlet/com.sap.ctc.util.ConfigServlet?param=com.sap.ctc.util.FileSystemConfig;EXECUTE_CMD;CMDLINE=
We are already blocking the pattern /CTC/.* from the Internet and internal networks using an irule, but the concern is that there may be other paths that would allow an attacker to run commands such as EXECUTE_CMD , CMDLINE etc.
Is there a way to block these keywords regardless of the URL patterns being accessed.
Thanks,
Karthik