This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Danny
Champion Champion
Champion
‎2023-04-13 02:43 PM

Related Links for Custom Sites/Applications

Recommendations

  • Don't use * as it puts high load to the Pattern Matcher on the Security Gateway (it doesn't matter if it's with or without Regex)
  • Don't put http: or https: in the string of the custom site
  • Always put a / at the end of non-Regex domains
  • If a special subdomain can be referenced, such as  www.sample.com/ avoid Regex and directly reference it
  • Verify the common name of the custom site and test with this one as well, if it's different

Special considerations

  • Regex syntax implicitly starts and ends with .*
  • Non-Regex syntax implicitly ends with *
  • Custom applications are matched only with the payload of a connection

Risk mitigation

  • Many syntaxes allow more than intended, thoughtfully plan and test your syntax
  • Workarounds might cause performance impacts, though they are always a good read
  • Learn Regex! Verify your Regex syntax with online Regex generators. Understand your Regex!

Common mistakes

  • checkpoint.com matches for checkpoint.com.crime.org
  • *checkpoint.com/ matches for crime.org/checkpoint.com/
  • *.checkpoint.com/ matches for crime.org/www.checkpoint.com/ 
  • Regex \/checkpoint.com\.com matches for crime.org/checkpoint.com/
  • Regex \.checkpoint\.com matches for www.checkpoint.com.crime.org
(1)
Who rated this post