JSON SQL Injection protection check
An incoming JSON request can carry SQL injection in the form of partial SQL query strings or unauthorized commands embedded in the payload. Such a request can be used to steal data from the database behind your web servers. On receiving such a request, the appliance blocks it to protect your data.
Consider a scenario where a client sends a JSON request to a Citrix ADC appliance. The JSON parser parses the request payload and, if SQL injection is observed, the appliance enforces constraints on the JSON SQL content. The constraint enforces a size limit on the JSON SQL request. As a result, whenever JSON SQL injection is observed, the appliance applies the configured action and responds with the JSON SQL error page.
Configure JSON SQL Injection protection
To configure JSON SQL injection protection, complete the following steps:
- Add an application firewall profile of type JSON.
- Set the JSON SQL injection settings on the application firewall profile.
- Configure the JSON SQL injection action by binding it to the application firewall profile.
Add application firewall profile of type JSON
You must first create a profile that specifies how the application firewall must protect your JSON web content from JSON SQL Injection attack. At the command prompt, type:
add appfw profile <name> -type (HTML | XML | JSON)
Note:
When you set the profile type to JSON, other checks, such as the HTML or XML checks, are not applicable.
Example
add appfw profile profile1 -type JSON
Configure JSON SQL Injection action
You must configure one or more JSON SQL injection actions to protect your application from JSON SQL injection attacks. At the command prompt, type:
set appfw profile <name> -JSONSQLInjectionAction [block] [log] [stats] [none]
The JSON SQL injection actions are:
- Block: block connections that violate this security check.
- Log: log violations of this security check.
- Stats: generate statistics for this security check.
- None: disable all actions for this security check.
Configure JSON SQL Injection type
To configure the JSON SQL Injection type on an application firewall profile, at the command prompt, type:
set appfw profile <name> -JSONSQLInjectionType <JSONSQLInjectionType>
Example
set appfw profile profile1 -JSONSQLInjectionType SQLKeyword
The available JSON SQL injection types are:
- SQLSplChar: checks for SQL special characters.
- SQLKeyword: checks for SQL keywords.
- SQLSplCharANDKeyword: checks for both, and blocks only when a SQL special character and a SQL keyword are found together.
- SQLSplCharORKeyword: blocks when either a SQL special character or a SQL keyword is found.
Possible values: SQLSplChar, SQLKeyword, SQLSplCharORKeyword, SQLSplCharANDKeyword.
Note: To enable one or more actions, type "set appfw profile <name> -JSONSQLInjectionAction" followed by the actions to be enabled.
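To make the difference between the four injection types concrete, the following is an added example (not Citrix code, and not how the appliance's own parser is implemented). It walks every string value of a JSON body, classifies hits into SQL keywords and SQL special characters, and applies the AND/OR semantics described above; the keyword and special-character lists are a constructed subset (the appliance's real lists are not on this page), and the `enforce` helper and the action semantics it models are assumptions chosen to mirror the block/log/stats/none settings.

```python
import json
import re

# Constructed illustration lists (assumption): the sets the appliance actually
# uses are not published on this page; these are chosen to reproduce the
# page's example ("select * from t1;" triggers keyword "select" and ";").
SQL_KEYWORDS = ("select", "insert", "update", "delete", "drop", "union",
                "from", "where", "exec")
KEYWORD_RE = re.compile(r"\b(" + "|".join(SQL_KEYWORDS) + r")\b", re.IGNORECASE)
# Comment openers/closers and statement/quote delimiters count as "special".
SPECIAL_CHAR_RE = re.compile(r"--|/\*|\*/|[;'\"#]")
VALID_TYPES = ("SQLSplChar", "SQLKeyword",
               "SQLSplCharANDKeyword", "SQLSplCharORKeyword")

# Sample payload taken from the page's example.
SAMPLE_PAYLOAD = json.dumps({
    "test": "data",
    "username": "waf",
    "password": "select * from t1;",
    "details": {"surname": "test", "age": "23"},
})


def _string_leaves(node, path=""):
    """Yield (json_path, text) for every string value in the document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _string_leaves(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from _string_leaves(value, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node


def inspect_value(text, injection_type):
    """Return the hits for one string value, or None when the configured
    JSONSQLInjectionType does not consider it a violation."""
    if injection_type not in VALID_TYPES:
        raise ValueError(f"unknown JSONSQLInjectionType: {injection_type}")
    keywords = sorted({m.group(0).lower() for m in KEYWORD_RE.finditer(text)})
    special_chars = sorted(set(SPECIAL_CHAR_RE.findall(text)))
    has_keyword, has_special = bool(keywords), bool(special_chars)
    triggered = {
        "SQLSplChar": has_special,
        "SQLKeyword": has_keyword,
        "SQLSplCharANDKeyword": has_special and has_keyword,  # both required
        "SQLSplCharORKeyword": has_special or has_keyword,    # either suffices
    }[injection_type]
    if not triggered:
        return None
    return {"keywords": keywords, "special_chars": special_chars}


def check_json_sql(raw_body, injection_type):
    """Parse the body and return one violation record per offending value."""
    violations = []
    for path, text in _string_leaves(json.loads(raw_body)):
        found = inspect_value(text, injection_type)
        if found:
            violations.append({"path": path, **found})
    return violations


def enforce(raw_body, injection_type, actions):
    """Model the action set (assumption): block only when 'block' is set,
    emit log lines only when 'log' is set, count violations only when
    'stats' is set, and 'none' disables everything."""
    actions = set() if "none" in actions else set(actions)
    violations = check_json_sql(raw_body, injection_type)
    log_lines = []
    if "log" in actions:
        for v in violations:
            log_lines.append(
                f"JSON SQL check failed for value at {v['path']} "
                f"(keywords={v['keywords']}, special_chars={v['special_chars']})"
            )
    return {
        "blocked": bool(violations) and "block" in actions,
        "log": log_lines,
        "violations": len(violations) if "stats" in actions else 0,
    }


if __name__ == "__main__":
    for itype in VALID_TYPES:
        print(itype, check_json_sql(SAMPLE_PAYLOAD, itype))
    print(enforce(SAMPLE_PAYLOAD, "SQLSplCharANDKeyword", ["block", "log", "stats"]))
```

Running it against the page's payload shows why SQLSplCharANDKeyword is the lower-noise choice: a value such as `drop me a line` has a keyword but no special character and passes under AND, while it is flagged under SQLKeyword and SQLSplCharORKeyword; a name like `O'Brien` has a special character only and passes under AND as well.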
Example
set appfw profile profile1 -JSONSQLInjectionAction block log stats
The following example shows a sample payload, its corresponding log message, and the statistics counters it increments:
Payload:
=======
{
    "test": "data",
    "username": "waf",
    "password": "select * from t1;",
    "details": {
        "surname": "test",
        "age": "23"
    }
}
Log Message:
===========
08/19/2019:08:49:46 GMT pegasus121 Informational 0-PPE-0 : default APPFW APPFW_JSON_SQL 6656 0 : 10.217.32.165 18402-PPE0 - profjson http://10.217.32.147/test.html SQL Keyword check failed for object value(with violation="select(;)") starting at offset(52) <blocked>
Counters:
========
1 441083 1 as_viol_json_sql
3 0 1 as_log_json_sql
5 0 1 as_viol_json_sql_profile appfw__(profjson)
7 0 1 as_log_json_sql_profile appfw__(profjson)
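For anyone forwarding these messages to a SIEM, the following is an added example (not Citrix code) that parses the APPFW_JSON_SQL log line shown above into fields and summarises blocked versus log-only hits per profile. The first sample line is the one from the page; the second is constructed to show a log-only event and uses a `<not blocked>` marker, which is an assumption. The field names given to the positional tokens (`ppe`, `partition`, `conn_id`) are also assumptions, since the page does not name them.

```python
import re

# First line copied from the page; second line constructed (assumption) to
# show a profile running with log but without block.
SAMPLE_LOG_LINES = [
    '08/19/2019:08:49:46 GMT pegasus121 Informational 0-PPE-0 : default APPFW '
    'APPFW_JSON_SQL 6656 0 : 10.217.32.165 18402-PPE0 - profjson '
    'http://10.217.32.147/test.html SQL Keyword check failed for object '
    'value(with violation="select(;)") starting at offset(52) <blocked>',
    '08/19/2019:08:50:12 GMT pegasus121 Informational 0-PPE-0 : default APPFW '
    'APPFW_JSON_SQL 6657 0 : 192.0.2.10 18403-PPE0 - profjson '
    'http://10.217.32.147/test.html SQL Keyword check failed for object '
    'value(with violation="drop(;)") starting at offset(40) <not blocked>',
]

# Positional layout inferred from the sample line; group names for the
# tokens between the two " : " separators are assumptions.
LOG_RE = re.compile(
    r"^(?P<timestamp>\S+) GMT (?P<host>\S+) (?P<severity>\S+) (?P<ppe>\S+) : "
    r"(?P<partition>\S+) APPFW (?P<event>\S+) (?P<msg_id>\d+) (?P<seq>\d+) : "
    r"(?P<client_ip>\S+) (?P<conn_id>\S+) - (?P<profile>\S+) (?P<url>\S+) "
    r"(?P<message>.+?) <(?P<action>[^>]+)>$"
)
VIOLATION_RE = re.compile(r'violation="([^"]*)"')
OFFSET_RE = re.compile(r"offset\((\d+)\)")


def parse_appfw_log(line):
    """Return a dict of fields for one APPFW log line, or None if the line
    does not match the layout (so unrelated syslog lines are skipped)."""
    match = LOG_RE.match(line.strip())
    if match is None:
        return None
    rec = match.groupdict()
    rec["msg_id"] = int(rec["msg_id"])
    rec["seq"] = int(rec["seq"])
    # Pull the check-specific details out of the free-text message.
    violation = VIOLATION_RE.search(rec["message"])
    offset = OFFSET_RE.search(rec["message"])
    rec["violation"] = violation.group(1) if violation else None
    rec["offset"] = int(offset.group(1)) if offset else None
    return rec


def summarize_json_sql(lines):
    """Count blocked and log-only JSON SQL events per profile, and collect
    the distinct client addresses that produced them."""
    summary = {}
    for line in lines:
        rec = parse_appfw_log(line)
        if rec is None or rec["event"] != "APPFW_JSON_SQL":
            continue
        entry = summary.setdefault(
            rec["profile"], {"blocked": 0, "logged_only": 0, "clients": set()}
        )
        entry["blocked" if rec["action"] == "blocked" else "logged_only"] += 1
        entry["clients"].add(rec["client_ip"])
    return summary


if __name__ == "__main__":
    for line in SAMPLE_LOG_LINES:
        print(parse_appfw_log(line))
    print(summarize_json_sql(SAMPLE_LOG_LINES))
```

A profile that shows a growing `logged_only` count is one whose action set lacks `block`; comparing that count with the `as_viol_json_sql_profile` counter above is a quick way to confirm that logging and the counters agree.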
Configure JSON SQL Injection protection by using Citrix GUI
Follow the procedure below to set the JSON SQL Injection protection settings.
- On the navigation pane, navigate to Security > Profiles.
- In the Profiles page, click Add.
- In the Citrix Web App Firewall Profile page, click Security Checks under Advanced Settings.
- In the Security Checks section, go to JSON SQL Injection settings.
- Click the executable icon near the check box.
- Click Action Settings to access the JSON SQL Injection Settings page.
- Select the JSON SQL Injection actions.
- Click OK.
- In the Citrix Web App Firewall Profile page, click Relaxation Rules under Advanced Settings.
- In Relaxation Rules section, select JSON SQL Injection settings and click Edit.
- In the JSON SQL Injection Relaxation Rule page, enter the URL to which the request is sent. Requests sent to this URL are not blocked by this check.
- Click Create.