The Guard event that's being raised by the firewall when the firewall is about to create an incident allowing you to intervene
Object Model
Syntax
public class FireWallIncidentEventArgs : System.EventArgs
Example
You can use the firewall to test and see if you are using routs that would cause your application to block valid requests. This way you can update your blocking patterns to match valid and invalid rules.
It is always recommended to not use default routs as all bot's are scripted to use those and the fastest way to detect a malicious user is by having a honey pot or a default not implemented
private void FireWall_OnIncident(object sender, FireWallIncidentEventArgs e) { switch (e.StackEntry.Reason) { case Walter.BOM.FirewallBlockReasons.PenetrationAttempt: if (Enum.TryParse<Walter.Web.FireWall.RuleEngine.UrlValidatedResult>(e.Data[IncidentAssertType.RuleNr], out var list)) { _logger?.Lazy().LogCritical("Url triggered {pattern} in {location} in Configuration.Rules.blockedPatterns.{list}" , e.Data[IncidentAssertType.Pattern] , e.Data[IncidentAssertType.Location] , list); LogTodo<ConfigurationTasks>(ConfigurationTasks.UrlNotValid , $"Update Configuration.Rules.blockedPatterns.{list} on {e.Data[IncidentAssertType.Pattern]} at the {e.Data[IncidentAssertType.Location]} in URL{e.Page.OriginalUrl}" , false); } break; default: base.LogTodo<ConfigurationTasks>(ConfigurationTasks.Setup, message: $"Test Rule \"{e.StackEntry.Rule}\" on {e.Page.OriginalUrl}", optional: true); break; } }
Inheritance Hierarchy
System.Object
System.EventArgs
Walter.Web.FireWall.EventArguments.FireWallIncidentEventArgs
Walter.Web.FireWall.EventArguments.FireWallCookieIncidentEventArgs
Requirements
Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
See Also