event EventHandler<PhishyRequestEventArgs> OnPhishyRequest
Event Data
The event handler receives an argument of type PhishyRequestEventArgs containing data related to this event. The following PhishyRequestEventArgs properties provide information specific to this event.
| Property | Description |
|---|---|
| CreateIncident | If false then it will instruct the firewall not to create a incident for the phishy request |
| IgnoreForNow | If set to true, it will instruct the firewall that no more reporting regarding this URL is needed for the duration of the firewall session. |
| Request | The requested page that does not seem to have a protected or supported endpoint |
| SiteMapSearch | SiteMap search status for the phishy request |
Remarks
You can decide to no-longer report on the request by setting Walter.Web.FireWall.EventArguments.PhishyRequestEventArgs.IgnoreForNow to true for the duration of the firewall session.
You can also call IPageRequest.Block on the request indicating to the firewall to stop processing future requests in your code. If providing a URL the request will be redirected to the URL when ever a new request is made by the user for the duration set in the block definition.
Example
Assuming the firewall using the SMTP NuGet package we use the NuGet package extension method to send a email to the configured developers mailbox for those that are responsible for security
private void MyFireWall_OnPhishyRequest(object sender, PhishyRequestEventArgs e) { e.IgnoreForNow = true; (sender as IFireWall)?.SendEmail(EMailRoles.SecurityRelevant, $"URL {e.Request.OriginalUrl.PathAndQuery} phishy", $"Consider protection for {e.Request.OriginalUrl.PathAndQuery} on {e.Request}", false); }
Requirements
Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
See Also