Firewalls, URL Signing and Form Hardening

0 投票
最新提问 用户: (2.5k 分)

We've installed Sophos UTM and are running various web sites behind it. Sophos has two options "Form hardening" and "Static URL hardening" that are intended to protect your web site from hackers.

It does this be inspecting the content in a page and, in brief, checking that when the client makes requests from that page that they are valid.

However this causes problems with some of our web sites where they dynamically construct URLs (for example an Ajax request) in Javascript, such URLs are not seen as valid and are blocked by the firewall.

My question is is this type of firewall protection going to become an increasingly common thing that I, as a web developer, am going to have to code around? Or is this always going to be a niche thing that will only work for certain web sites?

I can't find an awful lot of chatter about this topic on the web, so any thoughts would be very welcome.

登录 或者 注册 后回答这个问题。

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。