Walter.BOM Namespace
Walter.Web.FireWall Namespace
ASP-WAF | .Net API for WAF Systems

UrlValidationPatterns Class

URL validation patterns used in the rule engine

Namespace:  Walter.Web.FireWall.Configurations
Assembly:  Walter.Web.FireWall (in Walter.Web.FireWall.dll)


public sealed class UrlValidationPatterns


This class comes with default values that may not fit your requirements. Update the patterns in this list to match your Endpoints.

You can remove and add items from any of the lists in this pattern dataset.


The bellow sample will remove the url that maps to ~/Order/Checkout as that particularly rout would be valid for the web-application. However there is no valid rout that uses /Payment and we would like to block users that try to fish for that url especially as we have added that url to robots.txt with a Disallow: */Payment just to catch anyone trying to use the robots file to attack the site.

You should add the items to the "correct list" like us, adding /Payment to NoOnlinePaymentSystemExists because if it will match a request than the firewall gives us a type of incident where we know some one was blocked as they where going at the payment system.

public class MyFireWall : FireWallBase
      public MyFireWall(ILoggerFactory factory, IMemoryCache cache, ILatLongRepository geo)
               : base(loggerFactory: factory, memoryCache: cache, latLongRepository: geo)