Using ASTRA Firewall

Whitelisting a GET, POST, HTML, Json parameter in Astra firewall

Whitelisting GET/POST/HTML/Json parameters from Astra firewall

Sometimes GET/POST/HTML or Json parameters accept special character which might be flagged by Astra as they contain some special characters which are often used by attackers. You can whitelist such GET/POST/HTML/Json parameters from Astra scanning by following steps:

  1. Click on the green ‘+’ icon on the threat page
  2. Click on the blue ‘Whitelist GET.parameter-name’ button
  3. Parameter won’t be scanned by Astra any more, it was that simple 🙂whitelisting parameter Astra

Whitelist GET or POST parameter when it’s not in the threats page

  1. Go to the ‘threats’ page & scroll down up till ‘exception list’
  2. In the box enter the GET/POST/HTML you want to add as an exception. Example: if you want to add a GET parameter with the name ‘anything’ to exception list then you’ll have to add GET.anythingadding exception list astra
  3. If you’ve added GET/POST parameter then simply type them in the box and click on ‘Exception Fields’
  4. If you want to add HTML, then add HTML parameter to the box and click on ‘HTML Fields’. Similarly with Json field too.
  5. That’s it, now Astra won’t be scanning these parameters.

Was this helpful?