Issue
- When the Silverline proxy is configured with L7 DDoS profile and is only enabled onto one or more URL, requests to /TSPD* and/or /TSbd* could end up to the backend
Environment
- Silverline WAF
- Silverline DDoS
- Proxy/Proxies
- L7 DDoS Profile
- L7 DDoS profile is enabled on one or more URL (that does not include /TSPD/ or /TSbd)
Cause
- HTTP requests to /TSPD* and/or /TSbd* could end up at the backend
- The L7 DDoS profile uses /TSPD and /TSbd to resolve the JS challenges
- If there's no associated L7 DDoS Profile to handle the JS responses, the request is processed by the backend application instead
- Commonly result in 404 error as the backend does not know how to handle the HTTP request
- The L7 DDoS profile uses /TSPD and /TSbd to resolve the JS challenges
Resolution
- The Proxy should automatically include /TSPD and /TSbd URLs in the configuration if an L7 DDOS policy is only applied to a specific URL. However, if you do see requests going to /TSPD hitting the backend, then please proceed to the next step
- Please adjust the proxy configuration entry to add the same L7 DDoS profile to /TSPD URI and /TSbd URI
Related Content
- N/A