This article describes how to setup Request URL in File Security to scan file uploaded for all URL and applied the respective action accordingly.
It is ONLY focusing on the needed setup for the Request URL.
It is maybe necessary to preconfigure other respective File Security setup and refer to the documentation at the end of this article for more information on configuring the File Security.
Solution
It is necessary to scan file(s) uploaded to your web application for all the URL is has.
It is possible to use the File Security feature for the requirement.
From GUI
Step 1: Go to Web Protection > Input Validation > File Security > File Security Rule (tab).
Step 2: Create a new rule or edit an existing rule and change the Request URL to ^/.*
Example as below.
From CLI
# config waf file-upload-restriction-rule
edit "Scan Upload"
set request-type regular
set request-file ^/.*
next
endAlex Lim
Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
