Prev  Chapter 9. Frequently Asked Questions  

8. Filtering

8.1. Requests are blocked but not logged
8.2. NTLM authentication
8.3. Redirecting from HTTP to HTTPS

8.1.

Requests are blocked but not logged

I have installed Web Security Manager in a test environment and created a website proxy for our test website, but my requests are not getting through.

I get a “404 Not Found” message from Web Security Manager but the denied requests do not appear in the deny log of the website proxy.

The most common reason for blocked requests not showing in the website deny log is that they are logged in the Web Security Manager Generic website proxy (ID 0 in the overview). This is because the request is targeting an unknown host or is malformed in some other way.

For example, when you bind inbound traffic to an interface with IP address 192.168.10.10 and you configure Web Security Manager to proxy requests for www.mydomain.com and then try to access the website by entering the IP address (192.168.10.10) in the browser address field, the request will be rejected because the browser sends a request for the virtual host 192.168.10.10 not the virtual host www.mydomain.com you just configured.

If you want Web Security Manager to respond to the IP address (which is practical for test purposes but definitely not recommended for production), add the IP address to the virtual host aliases list in Services->Websites->ADC->Load balancing+Virtual host aliases.

8.2.

NTLM authentication

We have a MS IIS based site using NTLM authentication. When requests are proxied through Web Security Manager it does not work. How can we make it work?

Enable "Add HTTP/1.1 VIA header information" in Services->Websites->ADC->Load balancing. This should do it.

Microsoft IIS is configured not to allow NTLM authentication if a request is coming from a proxy server (as with Web Security Manager). If it sees a NTLM request coming thru a proxy server, IIS will subvert to other authentication methods, such as Basic of Digest.

If "Add HTTP/1.1 VIA header information" is enabled Web Security Manager will insert a Via: header in forwarded requests which will inform the back-end server that the request is proxied.

8.3.

Redirecting from HTTP to HTTPS

When our visitors request a resource in a specific path (like /secret/someapp.php), how do we redirect them to the same path on a corresponding HTTPS site.

Enter a redirect rule in Services->Websites->ADC->Virtual host.

For example: To redirect visitors requesting http://www.mydomain.com/secret/someapp.php to https://www.mydomain.com/secret/someapp.php enter the following redirect rule:

Match Type: "prefix"

Match: /secret/

Redirect externally to: http://www.mydomain.com/secret/

This will redirect any request for resources in /secret/ to the HTTPS site.

Note that the protocol and server address is required in the redirect to field. It can be any address including https://www.myotherdomain.com/secret/deep/in/the/directory/tree/ in which case a request for http://www.mydomain.com/secret/someapp.php will be redirected to https://www.myotherdomain.com/secret/deep/in/the/directory/tree/someapp.php.

More advanced redirects are available using regular expressions see *redirect* in the manual or click *help* in the upper menu when you are on the server page.

© 2005 - 2012 Alert Logic inc.
Prev  Up  
7. Learning  Home