CSS ACL URL Parameter filtering

Unanswered Question
Jul 16th, 2008

Hi all,

I have a pair of redundant CSS11503 load-balancing two HTTP servers. Recentyly the webserver is being attacked by some malicious script that run through the web server to go to other place.

I need to deny the parameter of the url that attacking the web server.

Example:

http://www.cisco.com/ciscobb/?CPURL=http://gamedl.qq.com/

I need to block the "http://gamedl.qq.com/" parameters.

Anybody can shed some light into this issue?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Wed, 07/16/2008 - 04:30

that won't be possible.

The CSS doesn't parse url after the '?'

You'll to bock this traffic somewhere else.

Gilles.

muhammadsafwan Wed, 07/16/2008 - 20:38

then i can't block any parameter at all?

is there any suggestion to solve this issue?

Actions

This Discussion