public sealed class UrlValidationPatterns
public sealed class UrlValidationPatterns
This class comes with default values that may not fit your requirements. Update the patterns in this list to match your Endpoints.
You can remove and add items from any of the lists in this pattern dataset.
The bellow sample will remove the url that maps to ~/Order/Checkout as that particularly rout would be valid for the web-application. However there is no valid rout that uses /Payment and we would like to block users that try to fish for that url especially as we have added that url to robots.txt with a Disallow: */Payment just to catch anyone trying to use the robots file to attack the site.
You should add the items to the "correct list" like us, adding /Payment to NoOnlinePaymentSystemExists because if it will match a request than the firewall gives us a type of incident where we know some one was blocked as they where going at the payment system.
public class MyFireWall : FireWallBase { public MyFireWall(ILoggerFactory factory, IMemoryCache cache, ILatLongRepository geo) : base(loggerFactory: factory, memoryCache: cache, latLongRepository: geo) { Configuration.Rules.BlockedPatterns.NoOnlinePaymentSystemExists.Add("/Payment"); Configuration.Rules.BlockedPatterns.NoOnlinePaymentSystemExists.Remove("/Checkout"); base.Trigger_OnFireWallCreated(this); } }
System.Object
Walter.Web.FireWall.Configurations.UrlValidationPatterns
Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2