When a client uploads a file to a server, NSFOCUS WAF performs protection based on the file type. If the file type matches an illegal upload restriction policy, NSFOCUS WAF allows or blocks the upload based on the corresponding action specified in the policy, and logs the event. On the Illegal Upload Restriction page, customers can create, edit, delete, and duplicate illegal upload restriction policies.
Configuration procedure:
Choose Security Management > Policy Management > Basic Protection > Illegal Upload Restriction, click Create in the upper-right corner, configure basic information and inspection information as required, and click OK.
Parameters for creating an illegal download restriction policy:
Enable the illegal upload restriction for a protected website:
Choose Security Management > Website Protection, select a website group in the left pane, click Web Security Protection, select the previously created policy for Illegal Upload Restriction, and click OK on the bottom.
Check NSFOCUS WAF protection logs against illegal upload attacks:
Choose Logs & Reports > Security Protection Logs > Web Security Logs.
Check malicious payload: