waf template evasion-check¶
Check for evasion attempt
evasion-check Specification¶
Parameter Value Type Configuration Resource Element Name evasion-check Element URI /axapi/v3/waf/template/{name}/evasion-check Element Attributes evasion-check_attributes Partition Visibility shared Schema evasion-check schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/waf/template/{name}/evasion-check | ||
Get Object | GET | /axapi/v3/waf/template/{name}/evasion-check | ||
Modify Object | POST | /axapi/v3/waf/template/{name}/evasion-check | ||
Replace Object | PUT | /axapi/v3/waf/template/{name}/evasion-check | ||
Delete Object | DELETE | /axapi/v3/waf/template/{name}/evasion-check |
evasion-check attributes¶
apache-whitespace
Description Check for whitespace characters in URL
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
decode-entities
Description Decode entities in internal url (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
decode-escaped-chars
Description Decode escaped characters such as r n ” xXX u00YY in internal url (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
decode-plus-chars
Description Decode ‘+’ as space in URL (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
decode-unicode-chars
Description Check for evasion attempt using %u encoding of Unicode chars to bypass (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
dir-traversal
Description Check for directory traversal attempt (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
high-ascii-bytes
Description Check for evasion attempt using ASCII bytes with values
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
invalid-hex-encoding
Description Check for evasion attempt using invalid hex characters (not in 0-9,a-f)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
max-levels
Description Max levels of encoding allowed in request (default 2)
Type: number
Range: 0-64
Default: 2
multiple-encoding-levels
Description Check for evasion attempt using multiple levels of encoding
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
multiple-slashes
Description Check for evasion attempt using multiple slashes/backslashes
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
remove-comments
Description Remove comments from internal url
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
remove-spaces
Description Remove spaces from internal url (default on)
Type: boolean
Supported Values: true, false, 1, 0
Default: 1
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters