- What does Illegal redirection attempt mean in the Support-ID/s?
- Why do I have to explicitly allow redirections to domains in the WAF policy?
- How can Silverline WAF protect against Open redirect attacks?
- Silverline WAF
- BIG-IP ASM
- WAF Policy/Policies
- An attacker can redirect users of a web application to external malicious domains or subdomains, which can lead to unsuspecting users giving away their personal information.
- To prevent this, the WAF policy checks redirections against the allowed domains and subdomains defined in the policy and permits redirects only to those addresses.
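The following is an added example, not code from F5 or the Silverline service, that models the check described above: given the Location header of a response and a list of allowed redirection domains, it decides whether the redirect stays within the policy. The domain names, the `*.` wildcard convention for subdomains, and the function names are assumptions made for the example; ASM's own configuration syntax and internal logic may differ. It also covers the edge cases a practitioner would want tested: relative redirects (allowed), protocol-relative targets, credentials in the authority part, look-alike suffixes, and backslash variants that browsers treat as slashes.

```python
"""Added example (not F5's code): a simplified model of an "allowed
redirection domains" check applied to HTTP Location headers."""
from urllib.parse import urlsplit

# Constructed sample policy. A plain entry matches that host exactly; a
# leading "*." entry matches any subdomain below it (assumed convention
# for this example, not ASM's configuration syntax).
ALLOWED_DOMAINS = ("www.example.com", "*.login.example.com")


def host_allowed(host, allowed=ALLOWED_DOMAINS):
    """True if `host` matches an entry of the allowed-domain list."""
    host = host.lower().rstrip(".")
    for entry in allowed:
        entry = entry.lower()
        if entry.startswith("*."):
            suffix = entry[1:]  # ".login.example.com"
            # Require a real label before the suffix so that the suffix
            # alone, or a look-alike such as "xlogin.example.com", fails.
            if host.endswith(suffix) and len(host) > len(suffix):
                return True
        elif host == entry:
            return True
    return False


def redirect_allowed(location, allowed=ALLOWED_DOMAINS):
    """Return (allowed, reason) for the value of a Location header."""
    value = location.strip()
    # Browsers treat a backslash like a slash in http(s) URLs, so "/\host"
    # and "https:\\host" are normalised before parsing.
    value = value.replace("\\", "/")
    try:
        parts = urlsplit(value)
    except ValueError as exc:
        return False, "unparseable redirect target: %s" % exc
    if not parts.scheme and not parts.netloc:
        # Path-only redirect: stays on the current site.
        return True, "relative redirect"
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False, "scheme not allowed: " + parts.scheme
    # urlsplit().hostname already discards userinfo ("user@") and any port,
    # so "https://www.example.com@evil.example/" resolves to evil.example.
    host = parts.hostname
    if not host:
        return False, "no host in redirect target"
    if host_allowed(host, allowed):
        return True, "host allowed: " + host
    return False, "host not in allowed domains: " + host


def find_violations(locations, allowed=ALLOWED_DOMAINS):
    """Return the Location values that would raise the violation."""
    return [loc for loc in locations if not redirect_allowed(loc, allowed)[0]]


if __name__ == "__main__":
    # Constructed sample Location values, as they might appear in responses.
    samples = [
        "/account/home",
        "https://www.example.com/welcome",
        "https://sso.login.example.com/callback",
        "https://evil.example/phish",
        "//evil.example/phish",
        "https://www.example.com@evil.example/",
        "https://www.example.com.evil.example/",
        "/\\evil.example",
        "javascript:alert(1)",
    ]
    for loc in samples:
        ok, why = redirect_allowed(loc)
        print("%-42s %s (%s)" % (loc, "allowed" if ok else "BLOCKED", why))
```

Note that `find_violations` is only a convenience for reviewing a batch of Location values; the policy decision itself is in `redirect_allowed`. The rule that a relative redirect is always allowed is a simplification of this example, not a statement of how the WAF policy treats it.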
What to Do
When you see the "Illegal redirection attempt" violation, review the domains involved. If you wish to add these domains to the allowed domains:
- For existing WAF Policies:
- For new WAF Policies: submit the "safe domains" through the WAF Technical Questionnaire (question #15 in version 6 of the questionnaire)