The Barracuda Load Balancer ADC normalizes all traffic before applying any security policy string matches. For HTTP data, this requires decoding Unicode, UTF, or hex encodings to base text, so that attacks disguised with an encoding format cannot evade the string matches.
While the Barracuda Load Balancer ADC is active, URL normalization is always enabled. However, URL normalization includes the following configuration options:
- Use the Default Character Set parameter to specify the character set encoding type for incoming requests. UTF-8 is the default.
  In some cases, multiple character set encodings are needed, as for a Japanese-language site that might need both Shift-JIS and EUC-JP encoding. To add character set encodings, expand the Additional Options and set the Detect Response Character Set parameter to Yes. All response headers will be searched for a META tag specifying the character set encoding type, and any supported types will be added dynamically.
- If you enable double decoding, the Barracuda Load Balancer ADC attempts to decode the characters a second time after the regular URL normalization is complete. If decoding fails, the request is blocked in active mode and a log is generated in the web firewall logs. In passive mode, the request is allowed and a log is generated. To enable double decoding, set Apply Double Decoding to Yes.
- To configure URL normalization, select a policy from the Policy Name list and click Configure… under URL Normalization in the Security Policies section.
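
The effect of these options can be seen in a small conceptual model, added here as an example and not Barracuda's code: it decodes a URL with a chosen character set, optionally decodes a second time, and only then applies a string match. The deny pattern, the verdict names, and the rule that a `%` not followed by two hex digits counts as a decoding failure are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: one stand-in pattern for a security policy string match.
DENY = re.compile(r"\.\./")
# Assumption: a '%' not followed by two hex digits is a decoding failure.
BAD_ESCAPE = re.compile(r"%(?![0-9A-Fa-f]{2})")


def normalize(url, charset="utf-8", double_decode=False):
    """Decode percent-escapes to text; return (text, decode_failed)."""
    text = unquote(url, encoding=charset, errors="replace")
    if not double_decode:
        return text, False
    if BAD_ESCAPE.search(text):
        return text, True          # second pass cannot decode this
    return unquote(text, encoding=charset, errors="replace"), False


def evaluate(url, mode="active", double_decode=False, charset="utf-8"):
    """Normalize first, then match. Verdict names are hypothetical."""
    text, failed = normalize(url, charset, double_decode)
    if failed:
        # Page behaviour: blocked in active mode, allowed in passive mode,
        # logged in both.
        return "block+log" if mode == "active" else "allow+log"
    return "policy-match" if DENY.search(text) else "allow"


# Constructed sample URLs, not captured traffic.
SAMPLES = [
    "/static/%2e%2e/config",       # encoded once
    "/static/%252e%252e/config",   # encoded twice
    "/search?q=100%25",            # legitimate literal percent sign
    "/index.html?lang=ja",
]

if __name__ == "__main__":
    for url in SAMPLES:
        for dd in (False, True):
            print(f"{url:28} double_decode={dd!s:5} -> "
                  f"{evaluate(url, double_decode=dd)}")
```

In this model the twice-encoded sample only reaches the string match when double decoding is on, while the literal `%` sample fails the second pass, so passive-mode logs are worth reviewing for such requests before relying on active mode.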