Citrix Systems 9.2 Appendix D Tutorial Examples of Classic Policies, Appendix E Migration of Apache mod_rewrite Rules to Advanced Policies, Appendix F New Advanced Expression Operators in This Release

viii Citrix NetScaler Policy Configuration and Reference Guide

Reducing Web Server Redirects. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249

Masking the Server Header . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250

Appendix D Tutorial Examples of Classic Policies

Access Gateway Policy to Check for a Valid Client Certificate. . . . . . . . . . . . . .251

Application Firewall Policy to Protect a Shopping Cart Application . . . . . . . . . .252

Application Firewall Policy to Protect Scripted Web Pages. . . . . . . . . . . . . . . . .255

DNS Policy to Drop Packets from Specific IPs. . . . . . . . . . . . . . . . . . . . . . . . . . .256

SSL Policy to Require Valid Client Certificates . . . . . . . . . . . . . . . . . . . . . . . . . .257

Appendix E Migration of Apache mod_rewrite Rules to Advanced Policies

Converting URL Variations into Canonical URLs . . . . . . . . . . . . . . . . . . . . . . . .260

Converting Host Name Variations to Canonical Host Names. . . . . . . . . . . . . . . .260

Moving a Document Root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .261

Moving Home Directories to a New Web Server . . . . . . . . . . . . . . . . . . . . . . . . .262

Working with Structured Home Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262

Redirecting Invalid URLs to Other Web Servers . . . . . . . . . . . . . . . . . . . . . . . . .263

Rewriting a URL Based on Time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264

Redirecting to a New File Name (Invisible to the User) . . . . . . . . . . . . . . . . . . . .265

Redirecting to New File Name (User-Visible URL). . . . . . . . . . . . . . . . . . . . . . .265

Accommodating Browser Dependent Content . . . . . . . . . . . . . . . . . . . . . . . . . . .266

Blocking Access by Robots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267

Blocking Access to Inline Images . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268

Creating Extensionless Links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268

Redirecting a Working URI to a New Format. . . . . . . . . . . . . . . . . . . . . . . . . . . .270

Ensuring That a Secure Server Is Used for Selected Pages. . . . . . . . . . . . . . . . . .271

Appendix F New Advanced Expression Operators in This Release

Operators for Extracting and Evaluating Numeric Data . . . . . . . . . . . . . . . . . . . .273

Operators for Extracting and Evaluating Text. . . . . . . . . . . . . . . . . . . . . . . . . . . .274

Operators for Extracting and Evaluating HTTP Data . . . . . . . . . . . . . . . . . . . . . .275

Operators for the CLIENT and ipv6 Expression Prefixes. . . . . . . . . . . . . . . . . . .275

XPath and JSON Operators for Evaluating XML and JSON Data. . . . . . . . . . . .276

Operators for Evaluating Groups to Which a User Belongs . . . . . . . . . . . . . . . . .276

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277