Decrypted traffic downloading from dropbox with several file types set to block, and then any set to alert. Javascript would be part of any. It seems to correctly identify javascript files when zipped, but not when it is just the javascript file. On the other hand it seems to identify php when it is not zipped, but miss it when it is zipped. Does this behavior make sense?
top of page
To see this working, head to your live site.
Edited:Â Feb 04, 2021
Inconsistent file identification
Inconsistent file identification
1 comment
Comments (1)
Commenting on this post isn't available anymore. Contact the site owner for more info.
Forum: Forum
bottom of page
Zip files have the advantage that the firewall needs to collect all files, reassemble and unpack, so it is able to scan a full file instead of a stream/flow. That said I don't have a real explanation for this behavior You could try running a packet-diag log to see if you can pinpoint the behavior, or open a support ticket to see if it's a bug