R3166-R3206-HP High-End Firewalls Attack Protection Configuration Guide-6PW101
the websites, so that the system will forward only the web requests that use the specified IP
addresses for website access.
IP address-supported URL address filtering
NOTE:
You can configure this feature only in the command line interface (CLI).
Overview
After the URL address filtering function is enabled, the system denies all web requests that use IP
addresses by default.
• To enable users to access all websites using IP addresses, you can enable the support for IP
addresses in URL address filtering, so that the system forwards all web requests that use IP addresses
for website access.
• To enable users to access specified websites using IP addresses, you can configure the support for
IP addresses in URL address filtering to deny and configure ACL rules to permit the specified IP
addresses of the websites, so that the system will forward only the web requests that use the
specified IP addresses for website access.
Processing procedure
After the device receives a web request that uses an IP address, it processes the request as follows:
• If the support for IP addresses is configured as permit, the device forwards the request.
• If the support for IP addresses is configured as deny, the device checks the website IP address in the
request against the configured ACL. If the ACL permits the IP address, the device forwards the
request; otherwise, the device denies the request.
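The decision procedure above, as an added example written for this guide rather than code from the device's own software. It models the two settings of the IP address support (permit or deny) and an ordered ACL of permit/deny rules evaluated first-match-wins; the ACL entries, the rule shape and the sample addresses are all constructed assumptions, and a request whose host is a domain name is reported as not covered by this feature.

```python
"""Model of the IP-address-supported URL filtering decision (constructed example).

Assumptions: the ACL is an ordered list of (action, network) rules, first match
wins, and a request with no matching rule is denied, as the procedure states.
"""
import ipaddress
from urllib.parse import urlsplit

# Hypothetical ACL with constructed sample networks (documentation ranges).
WEB_ACL = [
    ("permit", ipaddress.ip_network("192.0.2.0/24")),
    ("deny", ipaddress.ip_network("198.51.100.0/24")),
]


def host_ip(url):
    """Return the host of the URL as an IP address object, or None if the
    host is a domain name (this feature only applies to IP-address requests)."""
    host = urlsplit(url).hostname
    if host is None:
        return None
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return None


def acl_permits(ip, acl):
    """Evaluate the ordered ACL; the first rule whose network contains the
    address decides. No match means the device denies the request."""
    for action, network in acl:
        if ip.version == network.version and ip in network:
            return action == "permit"
    return False


def filter_ip_request(url, ip_support="deny", acl=WEB_ACL):
    """Return 'forward' or 'deny' for a web request that uses an IP address.

    ip_support 'permit': every IP-address request is forwarded.
    ip_support 'deny'  : the website IP address is checked against the ACL.
    A domain-name request is outside this feature and returns 'not applicable'.
    """
    ip = host_ip(url)
    if ip is None:
        return "not applicable"
    if ip_support == "permit":
        return "forward"
    return "forward" if acl_permits(ip, acl) else "deny"


if __name__ == "__main__":
    for req in ("http://192.0.2.10/index.html", "http://198.51.100.7/",
                "http://203.0.113.5/", "http://www.example.com/"):
        print(req, "->", filter_ip_request(req))
```

Note that with the support set to deny, an address that matches no ACL rule is denied, so the ACL only needs to list the websites that users are meant to reach by IP address.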
URL parameter filtering
Overview
Today, many web pages are dynamic and backed by databases, and they support data queries and
modifications through web requests. This makes it possible to embed crafted SQL statements in web
requests to obtain confidential data from databases or to bring down databases by repeatedly modifying
database information. This kind of attack is called an SQL injection attack.
To address this problem, the device compares the URL parameters in an HTTP request against SQL
statement keywords and some other characters that may constitute SQL statements. If a match is found,
the device regards the request as an SQL injection attack and denies it. This protection mechanism is
called URL parameter filtering.
Web requests transmit parameters mainly by the Get and Post methods. The method used for transmitting
parameters determines where the URL parameters are located in the request; URL parameter filtering
uses that location to obtain the parameters and then filters them. Currently, the device supports URL
parameter filtering of web requests that use the Get, Post, or Put method.
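The mechanism described in this overview, as an added example written for this guide and not the device's own implementation: it locates the URL parameters according to the transmission method (query string for Get, query string plus form-encoded body for Post and Put, nothing for any other method, which is simply forwarded) and compares each parameter value against a keyword list. The request representation, the Content-Type handling, and the keyword and character-sequence lists are constructed assumptions; the guide does not document the device's actual keyword set.

```python
"""Model of URL parameter filtering for SQL injection detection (constructed example).

Assumptions: a request is (method, target, headers, body); only
application/x-www-form-urlencoded bodies are parsed for Post and Put; the
keyword list below is illustrative, not the device's list.
"""
import re
from urllib.parse import parse_qsl, urlsplit

# Hypothetical detection lists: whole-word SQL keywords and character
# sequences commonly used to build SQL statements.
SQL_KEYWORDS = {"select", "union", "insert", "update", "delete", "drop", "exec"}
SQL_SEQUENCES = ("--", "/*", "*/", "'")


def extract_parameters(method, target, headers, body):
    """Return (name, value) pairs from the positions the method implies.
    Methods other than Get, Post and Put yield no parameters, so the caller
    forwards the request without filtering."""
    method = method.upper()
    if method not in ("GET", "POST", "PUT"):
        return []
    params = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    if method in ("POST", "PUT"):
        ctype = headers.get("Content-Type", "").lower()
        if ctype.startswith("application/x-www-form-urlencoded"):
            params += parse_qsl(body, keep_blank_values=True)
    return params


def looks_like_sql(value):
    """True if the decoded value contains an SQL keyword as a whole word or
    one of the statement-building character sequences."""
    lowered = value.lower()
    if any(seq in lowered for seq in SQL_SEQUENCES):
        return True
    words = set(re.findall(r"[a-z_]+", lowered))
    return bool(words & SQL_KEYWORDS)


def url_parameter_filter(method, target, headers=None, body=""):
    """Return ('forward', []) or ('deny', [names of offending parameters])."""
    headers = headers or {}
    params = extract_parameters(method, target, headers, body)
    hits = [name for name, value in params if looks_like_sql(value)]
    return ("deny", hits) if hits else ("forward", [])


if __name__ == "__main__":
    form = {"Content-Type": "application/x-www-form-urlencoded"}
    print(url_parameter_filter("GET", "/search?q=shoes"))
    print(url_parameter_filter("GET", "/search?q=shoes%27+OR+%271%27%3D%271"))
    print(url_parameter_filter("POST", "/comment", form,
                               "user=alice&comment=1 UNION SELECT password FROM users"))
```

A word-level match on short keywords is the usual source of false positives in this kind of filter (a product review containing the word "update", for example), so a deployed keyword list is normally tuned against the site's legitimate parameter values before it is enforced.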
Processing procedure
After receiving an HTTP request containing URL parameters, the device obtains the parameters
according to the parameter transmission method:
• If the parameters are transmitted by a method other than Get, Post and Put, the device directly
forwards the request.