660vx Parameter length exceeded

WAF

4 replies to this topic

#1 Richard van Schaijik

Richard van Schaijik
  • Members
  • 3 posts

Posted 10 May 2017 - 04:40 AM

We are placing a new website behind our WAF. What we noticed is that this website hosts 10+ very complicated web forms.

Some input fields have a limit of 10000 characters for the parameters.

How would we approach these issues: create website profile overrides by hand for these forms, use the exception learning option, or just trigger it and press fix in the web firewall logs?

Many thanks for any suggestion on this.



#2 Aravindan Anandan

Aravindan Anandan
  • Barracuda Team Members
  • 70 posts

Posted 10 May 2017 - 05:43 AM

If the acceptable length is 10000 characters or more, then you will be better off disabling the parameter length exceeded check completely. This can be done by removing any value that's currently present and saving the blank field. This way, only the "parameter length exceeded" check will be disabled. The parameter value will anyway go through other inspections.



#3 Richard van Schaijik

Richard van Schaijik
  • Members
  • 3 posts

Posted 10 May 2017 - 06:15 AM

Thank you for the reply. What would the security impact be of setting it to 10.000?

Is it mostly in regard to DoS attacks?



#4 Aravindan Anandan

Aravindan Anandan
  • Barracuda Team Members
  • 70 posts

Posted 10 May 2017 - 06:21 AM   Best Answer

The security policy -> Parameter protection -> "Parameter value length exceeded" check is a global field that will affect all the services that use the security policy. The check is present to prevent any buffer overflow on the server caused by sending a request with a parameter value that's more than what the server can accept.
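
Added example, not part of the thread and not Barracuda code or configuration syntax: a small audit that takes recorded form submissions and works out which individual parameters need their own length limit, so the global limit can stay tight for every other service. The sample requests, the global limit of 1000, the 25% headroom and all function names are assumptions made for illustration.

```python
from urllib.parse import parse_qsl

GLOBAL_MAX_VALUE_LEN = 1000  # assumed global policy limit, not a vendor default

# Constructed sample of url-encoded form bodies, keyed by request path.
SAMPLE_REQUESTS = [
    ("/forms/claim", "name=Alice&description=" + "x" * 8200),
    ("/forms/claim", "name=Bob&description=" + "y" * 9990),
    ("/forms/contact", "email=a%40example.test&message=" + "z" * 400),
    ("/login", "user=carol&password=" + "p" * 24),
]

def max_lengths(requests):
    """Return {(path, param): longest decoded value length seen}."""
    seen = {}
    for path, body in requests:
        for name, value in parse_qsl(body, keep_blank_values=True):
            key = (path, name)
            seen[key] = max(seen.get(key, 0), len(value))
    return seen

def plan_overrides(requests, global_max, headroom=1.25):
    """Return {(path, param): limit} for parameters that exceed the global limit.

    Everything not listed stays under the global limit, so allowing one long
    field does not loosen the check for every other form or service.
    """
    plan = {}
    for key, longest in max_lengths(requests).items():
        if longest > global_max:
            plan[key] = int(longest * headroom)  # assumed safety margin
    return plan

def check(path, body, global_max, overrides):
    """Return the parameter names in one request that exceed their limit."""
    return [name for name, value in parse_qsl(body, keep_blank_values=True)
            if len(value) > overrides.get((path, name), global_max)]

if __name__ == "__main__":
    plan = plan_overrides(SAMPLE_REQUESTS, GLOBAL_MAX_VALUE_LEN)
    print("per-parameter overrides needed:", plan)
    # A long value in a field without an override is still flagged.
    oversized_login = "user=carol&password=" + "p" * 5000
    print(check("/login", oversized_login, GLOBAL_MAX_VALUE_LEN, plan))
```

With the constructed data only the `description` field of `/forms/claim` needs an override; an oversized value sent to any other parameter is still caught by the global limit.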



#5 Richard van Schaijik

Richard van Schaijik
  • Members
  • 3 posts

Posted 10 May 2017 - 06:41 AM

Thanks a lot!