Walter.BOM Namespace
Walter.Web.FireWall Namespace
ASP-WAF Web application firewall for .Net 6, .Net 5, .Net Standard 2.1 and .Net Core 3.x

UserTypes Enumeration

Types of users that are discovered and that can be filtered on. ///

Namespace:  Walter.Web.FireWall
Assembly:  Walter.Web.FireWall (in Walter.Web.FireWall.dll)

Syntax


public enum UserTypes

Members


Member nameDescription
None No user type filter is defined and no checking based on user type will be done.
NotDiscovered The user type is not been discovered at this moment
IsHuman The user type has been discovered and is a human
IsSearchEngineThe user is a search engine supported by the SearchEngine enum
IsIsp The user is coming from a cloud data center, could be an Internet service provider or a scrubbing engine
IsBot The user type is a automated process interacting with your endpoint
IsMalicious The is consumer is known to be malicious (is a behavior and not a user type therefore not included in anyone)
IsUsingDeveloperTools The is consumer is known to be using developer tools (is a behavior and not a user type therefore not included in anyone)
IsCrossSiteUser User is consuming resources from like script from another domain
IsCrossSiteSubmitting User executed a HttpPost, HttpDelete, or an HttpPut to the web application from a another domain
IsUsingPortScanning The is using port scanning tools to access the application via a port he is not intended to do
IsAcessingHoneypotEndpoints The is accessing on of the application honey-pot endpoints
Anyone Anyone has access, this is different from None as not defined is only valid if no firewall attribute is set and does not include users flagged with suspicious activity like cross-site actions or IsMalicious or IsUsingDeveloperTools flaggs
All all options

Remarks


When used in the context of a filtered the user must be a given group. You can specify access to controllers, pages and actions on given user types.

The IFireWall.Configuration.Rules class can be used to configure default rules to allow or disallow access to endpoints to static files.