Follow

Issue: HTTP Requests to /TSPD* and /TSbd* URLs are sent to the Backend

Issue

  • When the Silverline proxy is configured with L7 DDoS profile and is only enabled onto one or more URL, requests to /TSPD* and/or /TSbd* could end up to the backend

Environment

  • Silverline WAF
  • Silverline DDoS
  • Proxy/Proxies
  • L7 DDoS Profile
    • L7 DDoS profile is enabled on one or more URL (that does not include /TSPD/ or /TSbd)

Cause

  • HTTP requests to /TSPD* and/or /TSbd* could end up at the backend
    • The L7 DDoS profile uses /TSPD and /TSbd to resolve the JS challenges
      • If there's no associated L7 DDoS Profile to handle the JS responses, the request is processed by the backend application instead
    • Commonly result in 404 error as the backend does not know how to handle the HTTP request

Resolution

  1. The Proxy should automatically include /TSPD and /TSbd URLs in the configuration if an L7 DDOS policy is only applied to a specific URL. However, if you do see requests going to /TSPD hitting the backend, then please proceed to the next step
  2. Please adjust the proxy configuration entry to add the same L7 DDoS profile to /TSPD URI and /TSbd URIL7DDoS_TSPD.png

Related Content

  • N/A
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request