SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

Allow enabling of Encoded Slashes directly on UTM Interface

The UTM should have a function in the Web Server Protection that allows the administrator to configure whether or not encoded slashes are allowed for the servers.

This is especially important for specific SAP-relevant functions, such as Fiori systems.
At the moment it's possible to manually configure this setting but it's reset everytime a change to a server is made.
I believe that it would be best to either:
- not overwrite the that point in the config, if enabled
- or straight up allow this configuration in the panel.

10 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

M. Riepert shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • S. Mark commented  ·   ·  Flag as inappropriate

    I second this! The relevant apache parameters are

    "AllowEncodedSlashes NoDecode"
    and
    "ProxyPass ... nocanon"

    With both set encoded slashes will not be decoded and not reencoded.
    A checkbox to enable this behavior in the "Advanced" section of a virtual webserver would be nice.

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.