Forum Discussion
1 Reply
- ltwagnonRet. Employee
I don't know of a way to enable/disable attack signatures at the URL level, but on the parameter issue, could you try using wildcard parameters to simplify your list? For my web app, we have lots of parameters with dynamic names, but I found a way to create a few parameters with wildcards, and it saved me lots of time on updating meta value characters, attack signatures, etc. For example, if my app might create the following parameters:
abc$123$edittext
abc$456$edittext
abc$789$edittext
I created a global wildcard parameter abc$*$edittext and it really simplified things. I was able to delete the individual parameters that were covered by this new wildcard parameter. One other thing to mention (and this might not apply directly to your situation), but you can create URL level parameters when a parameter is relevant only to a particular URL.