Troubleshooting 7G Firewall on GridPane

Last Updated on September 21, 2023 EDT by Jordan

Introduction

Someone was trying to whitelist a specific query that was being blocked by 7G firewall on GridPane. Unfortunately, they were using $args versus $request, the following code snippet shows how to bypass specific queries and also print out debug headers for troubleshooting.

Code Snippet

# ---------------
#
# Notes.
#   - You can't use $args due to 7g placing it's data here ex (:bad_querystring_30::bad_request_8:)
#   - Instead you have to use $request as this is where the entire url request is stored
#   - Reduced code by using different variables for each 7g component.
#   - Added debug header to print out details to help with regexp and other debugging.
# ---------------

set $exclude_querystring "";
set $exclude_badrequest "";
set $test_var "testing";

if ( $request ~* ^(.*)wf301_run_tool(.*)$ ) {
    set $exclude_querystring 30;
        set $exclude_badrequest 8;
}

if ( $bad_querystring_7g = $exclude_querystring ) {
        set $7g_drop_bad_query_string 0;
}

if ($bad_request_7g = $exclude_badrequest) {
   set $7g_drop_bad_request 0;
}

#add_header X-debug-message "args = $args - exclude_querystring = $exclude_querystring - exclude_badrequest = $exclude_badrequest - bad_querystring_7g = $bad_querystring_7g 7g_drop_bad_request = $7g_drop_bad_request" always;
0 Shares:

You May Also Like