Variable | Description | Default |
<entry_index> | Type the index number of the individual rule in the table. The valid range is from 1 to 9,223,372,036,854,775,807. | No default. |
status {enable | disable} | Enable to exempt this object from all scans. | enable |
type {Cookie | Parameter | URL} | Indicate the type of the object. Depending on your selection, the remaining settings vary. | URL |
domain <cookie_fqdn> | Type the partial or complete domain name or IP address as it appears in the cookie, such as: • www.example.com • .google.com • 10.0.2.50 If clients sometimes access the host via IP address instead of DNS, create white list objects for both. This setting is available if type is set to Cookie. Caution: Do not whitelist untrusted subdomains that use vulnerable cookies. It could compromise the security of that domain and its network. | No default. |
name <name_str> | Depending on your selection in type {Cookie | Parameter | URL}, either: • type the name of the cookie as it appears in the HTTP request, such as NID. • type the name of the parameter as it appears in the HTTP URL or body, such as rememberme. This setting is available if type is set to Cookie or Parameter. | No default. |
path <url_str> | Type the path as it appears in the cookie, such as / or /blog/folder. This setting is available if type is set to Cookie. | No default. |
request-type {plain | regular} | Indicate whether the request-file <url_str> field will contain a literal URL (plain), or a regular expression designed to match multiple URLs (regular). This setting is available if type is set to URL. | plain |
request-file <url_str> | Depending on your selection in the request-type {plain | regular} field, enter either: • the literal URL, such as /robots.txt, that the HTTP request must contain in order to match the rule. The URL must begin with a backslash ( / ). • a regular expression, such as ^/*.html, matching all and only the URLs to which the rule should apply. The pattern does not require a slash ( / ); however, it must at match URLs that begin with a backslash, such as /index.html. Do not include the domain name, such as www.example.com. This setting is available if type is set to URL. |