Editing Paths

Configuring paths is optional. It enables you to handle individual subdirectories or file types differently (see also Application Mapping, Paths, Preconditions).

The order of paths is important

The decider processes the list of paths from top to bottom. When a URL matches a defined path and all set up preconditions for this path are met (if preconditions have been set up at all), vWAF calls the handlers stored for that path for analyzing the request. Then it aborts. So if there are other path matches further down the list, these matches are not taken into account.

The order of the paths in the created list may therefore influence how vWAF behaves.

Duplicate paths when using preconditions

If you’re using preconditions, you can create a duplicate of a path and only define preconditions for one of the two instances of that path. This allows you to handle the path differently, depending on whether or not the preconditions are met.

Examples

Paths are interpreted as regular expressions (for details on the syntax, see Regular Expressions). Depending on the web application, it can be useful to create separate paths for specific directories or for specific file types.

Example

  • /.* for all URLs (“catch all” rule); this path is already present by default
  • /cgi-bin/.* for all installed CGI programs
  • /.*\.php for all PHP scripts
  • /download/.* for the download directory and all of its subdirectories

Creating a path

  1. In the navigation area, select the application for which you want to create the path.
  2. Activate the Ruleset Config | Path tab.

  3. Under Add Path, specify the regular expression for the path (for more on the syntax, see Regular Expressions).
  4. Select the position at which the path is to be inserted within the list.
  5. Click the Add button. The path then appears at the selected position on the list.
  6. To document the use of the path, you can optionally add a comment and a description to the path. To do so, edit the path.

Editing a path

  1. In the navigation area, select the application whose path you want to edit.
  2. Activate the Ruleset Config | Path tab.
  3. In the Action column, click the Edit icon for the path that you want to change.
  4. Activate the Path Settings tab.

  5. Under Mapped Prefixes you can see the customer keys to which the application has been mapped in application mapping plus the full URLs, consists of the mapped prefixes plus the path.
  6. Under Path regex you can change the regular expression as required.
  7. Under Path description you can optionally enter some short text describing the purpose of the path. If you do so, this text will be shown instead of the regular expression in the list of paths on the Path tab.
  8. Under Path comment you can optionally enter some longer text that documents the use of the path. If you do so, this text will be shown in a small popup window that appears when you hover the mouse over the path on the Path tab. Click the Apply button.

Moving a path

To move a path to another position within the list, click the arrow symbols in the Order column.

Deleting a path

  1. In the navigation area, select the application for which you want to delete a path.
  2. Activate the Ruleset Config | Path tab.
  3. In the Action column, click the relevant Delete icon for the path that you want to delete.

Using search

The regular expressions for defining paths can be quite simple but also highly complex. For testing which path matches a particular URL, you can use the search filed above the list of your paths. To do so, just enter the URL into the search field. The matching path is automatically highlighted. (You don’t have to click any submit button.)

Note that the order of paths is important. vWAF always processes them from top to bottom. The first match wins.

Look at the following example:

Path /path01 isn’t used because the “catch-all” path.* already matches before.

The match changes if you switch positions: