Appendix D

Tutorial Examples of Classic Policies

253

2.In the Create Application Firewall Profile dialog box, in the Profile Name field, enter shopping_cart.

3.In the Profile Type drop-down list, select Web Application.

4.In the Configure Select Advanced defaults.

5.Click Create and then click Close.

6.In the details view, double-click the new profile.

7.In the Configure Web Application Profile dialog box, configure your new profile as described below:

A.Click the Checks tab, double-click the Start URL check, and in the Modify Start URL Check dialog box, click the General tab and disable blocking, and enable learning, logging, statistics, and URL closure. Click OK and then click Close.

Note that if you are using the command line, you configure these settings by typing the following at the prompt, and pressing Enter:

set appfw profile shopping_cart -startURLAction LEARN LOG STATS -startURLClosure ON

B.For the Cookie Consistency check and Form Field Consistency checks, disable blocking, and enable learning, logging, statistics, using a similar method to the Modify Start URL Check configuration.

If you are using the command line, you configure these settings by typing the following commands:

set appfw profile shopping_cart -cookieConsistencyAction

LEARN LOG STATS

set appfw profile shopping_cart -fieldConsistencyAction

LEARN LOG STATS

C.For the SQL Injection check, disable blocking, and enable learning, logging, statistics, and transformation of special characters in the Modify SQL Injection Check dialog box, General tab, Check Actions section.

If you are using the command line, you configure these settings by typing the following at the prompt, and pressing Enter:

set appfw profile shopping_cart -SQLInjectionAction LEARN LOG STATS -SQLInjectionTransformSpecialChars ON

Page 267
Image 267
Citrix Systems 9.2 manual Appendix D Tutorial Examples of Classic Policies 253