.. _waf_template_evasion_check: waf template evasion-check ========================== Check for evasion attempt evasion-check Specification --------------------------- ===================================== ========================================================================== ===================================== ========================================================================== **Type** *Configuration Resource* **Element Name** evasion-check **Element URI** /axapi/v3/waf/template/{name}/evasion-check **Element Attributes** evasion-check_attributes **Schema** :download:`evasion-check schema ` ===================================== ========================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html

Operation	Method	URI	Payload
Create Object .. raw:: html	POST .. raw:: html	/axapi/v3/waf/template/{name}/evasion-check .. raw:: html	:ref:`2709_evasion-check_attributes` .. raw:: html
Get Object .. raw:: html	GET .. raw:: html	/axapi/v3/waf/template/{name}/evasion-check .. raw:: html	:ref:`2709_evasion-check_attributes` .. raw:: html
Modify Object .. raw:: html	POST .. raw:: html	/axapi/v3/waf/template/{name}/evasion-check .. raw:: html	:ref:`2709_evasion-check_attributes` .. raw:: html
Replace Object .. raw:: html	PUT .. raw:: html	/axapi/v3/waf/template/{name}/evasion-check .. raw:: html	:ref:`2709_evasion-check_attributes` .. raw:: html
Delete Object .. raw:: html	DELETE .. raw:: html	/axapi/v3/waf/template/{name}/evasion-check .. raw:: html	:ref:`2709_evasion-check_attributes` .. raw:: html

.. _2709_evasion-check_attributes: evasion-check attributes ------------------------ **apache-whitespace** **Description** Check for whitespace characters in URL **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **decode-entities** **Description** Decode entities in internal url (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **decode-escaped-chars** **Description** Decode escaped characters such as \r \n \" \xXX \u00YY in internal url (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **decode-plus-chars** **Description** Decode '+' as space in URL (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **decode-unicode-chars** **Description** Check for evasion attempt using %u encoding of Unicode chars to bypass (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **dir-traversal** **Description** Check for directory traversal attempt (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **high-ascii-bytes** **Description** Check for evasion attempt using ASCII bytes with values **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **invalid-hex-encoding** **Description** Check for evasion attempt using invalid hex characters (not in 0-9,a-f) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **max-levels** **Description** Max levels of encoding allowed in request (default 2) **Type:** number **Range:** 0-64 **Default:** 2 **multiple-encoding-levels** **Description** Check for evasion attempt using multiple levels of encoding **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **multiple-slashes** **Description** Check for evasion attempt using multiple slashes/backslashes **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **remove-comments** **Description** Remove comments from internal url **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **remove-spaces** **Description** Remove spaces from internal url (default on) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 1 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters