Evaluation
Adding a Variable is a compelling feature that will allow you to extract data from the request and utilize it in the Actions. For example, you could log a user username or send an email if there is a security problem.
· Variable: This must start and end with a $ symbol. For example $variable1$
· Source: Select from the drop-down box the source of the variable
· Detail: Select from the list when relevant. If the Source=Request Header, the Details could be User-Agent
· Value: Enter the text or regular expression to fine-tune the variable.
Built-in Variables:
· Built-In variables have already been hard coded, so you do not need to create an evaluation entry for these.
· You can use any of the variable listed below in your action
· The explanation for each variable is located in the “Condition” table above
o Method = $method$
o Path = $path$
o Querystring = $querystring$
o Sourceip = $sourceip$
o Response code (text also included “200 OK”) = $resp$
o Host = $host$
o Version = $version$
o Clientport = $clientport$
o Clientip = $clientip$
o Geolocation = $geolocation$”
Example Action:
· Action = Redirect 302
o Target = HTTPs://$host$/404.html
· Action = Log
o Target = A client from $sourceip$:$sourceport$ has just made a request $path$ page
Explanation:
· A client accessing page that does not exist would ordinarily be presented with a browsers 404 page
· In this instance the user is redirected to the original hostname they used but the wrong path is replaced with 404.html
· An entry is added to the syslog saying “A client from 154.3.22.14:3454 has just made a request to wrong.html page”
|
Source
|
Description
|
Example
|
|
Cookie
|
This is the name and value of the cookie header
|
MS-WSMAN=afYfn1CDqqCDqUD::Where the name is MS-WSMAN and the value is afYfn1CDqqCDqUD::
|
|
Host
|
This is the hostname extracted from the URL
|
www.mywebsite.com or 192.168.1.1
|
|
Language
|
This is the language extracted from the Language HTTP header
|
This condition will produce a dropdown with a list of languages.
|
|
Method
|
This is a drop down of HTTP methods
|
The dropdown will include GET, POST
|
|
Path
|
This is the path of the website
|
/mywebsite/index.html
|
|
POST
|
POST request method
|
Check data being uploaded to a website
|
|
Query Item
|
This is the name and value of a query. As such it can either accept the query name or a value also
|
“Best=jetNEXUS” Where the Match is Best and the Value is edgeNEXUS
|
|
Query String
|
This is the whole string after the ? character
|
HTTP://server/path/program?query_string
|
|
Request Header
|
This can be any header sent by the client
|
Referrer, User-Agent, From, Date…
|
|
Response Header
|
This can be any header sent by the server
|
Referrer, User-Agent, From, Date…
|
|
Version
|
This is the HTTP version
|
HTTP/1.0 or HTTP/1.1
|
|
Detail
|
Description
|
Example
|
|
Accept
|
Content-Types that are acceptable
|
Accept: text/plain
|
|
Accept-Encoding
|
Acceptable encodings
|
Accept-Encoding: <compress | gzip | deflate | sdch | identity>
|
|
Accept-Language
|
Acceptable languages for response
|
Accept-Language: en-US
|
|
Accept-Ranges
|
What partial content range types this server supports
|
Accept-Ranges: bytes
|
|
Authorization
|
Authentication credentials for HTTP authentication
|
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
|
|
Charge-To
|
Contains account information for the costs of the application of the method requested
|
|
|
Content-Encoding
|
The type of encoding used on the data.
|
Content-Encoding: gzip
|
|
Content-Length
|
The length of the response body in Octets (8-bit bytes)
|
Content-Length: 348
|
|
Content-Type
|
The mime type of the body of the request (used with POST and PUT requests)
|
Content-Type: application/x-www-form-urlencoded
|
|
Cookie
|
a HTTP cookie previously sent by the server with Set-Cookie (below)
|
Cookie: $Version=1; Skin=new;
|
|
Date
|
Date and time at which
the message was originated
|
Date = “Date” “:” HTTP-date
|
|
ETag
|
An identifier for a specific version of a resource, often a message digest
|
ETag: “aed6bdb8e090cd1:0”
|
|
From
|
The email address of the user making the request
|
From: user@example.com
|
|
If-Modified-Since
|
Allows a 304 Not Modified to be returned if content is unchanged
|
If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT
|
|
Last-Modified
|
The last modified date for the requested object, in RFC 2822 format
|
Last-Modified: Tue, 15 Nov 1994 12:45:26 GMT
|
|
Pragma
|
Implementation-specific headers that may have various effects anywhere along the request-response chain.
|
Pragma: no-cache
|
|
Referrer
|
This is the address of the previous web page from which a link to the currently requested page was followed
|
Referrer: HTTP://www.edgenexus.io
|
|
Server
|
A name for the server
|
Server: Apache/2.4.1 (Unix)
|
|
Set-Cookie
|
an HTTP cookie
|
Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1
|
|
User-Agent
|
The user agent string of the user agent
|
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
|
|
Vary
|
Tells
downstream proxies how to match future request headers to decide
whether the cached response can be used rather than requesting a fresh
one from the origin server
|
Vary: User-Agent
|
|
X-Powered-By
|
Specifies the technology (e.g. ASP.NET, PHP, JBoss) supporting the web application
|
X-Powered-By: PHP/5.4.0
|