AnsweredAssumed Answered

Blocking URL patterns

Question asked by stephen.mcgilligan on Jan 25, 2016
Latest reply on Jan 27, 2016 by Karmeng

Hi,

 

We regularly see attacks on a public interface protected by SiteMinder (or CA Single Sign On if you prefer ). Quite a few of these attacks have a specific pattern to them in how they construct the request URL i.e. passing OAuth parameters in the GET query list. Is there an easy, and performant, way to block specific URL patterns using SiteMinder?

 

I'm thinking of something in the agent config side rather than evaluating policies as the former would likely be more performant. Maybe the CSS checking config is the place for it.

 

Are there any other options? It would be nice if the request could also be "black-holed" so the agent/web server doesn't even spend time sending a response back to the client. Obviously traffic managers can do this type of thing but I was wondering if it's something SiteMinder could/should be involved in.

 

Thanks,

Stephen

Outcomes