We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Load Balancer ADC

Configuring URL Normalization

  • Last updated on

The Barracuda Load Balancer ADC normalizes all traffic before applying any security policy string matches. For HTTP data, this requires decoding Unicode, UTF, or Hex to base text, to prevent disguised attacks using encoding formats for which string matches are not effective.

While the Barracuda Load Balancer ADC is active, URL normalization is always enabled. However, URL normalization includes the following configuration options:

  • Use the Default Character Set parameter to specify the character set encoding type for incoming requests. UTF-8 is the default.
    In some cases, multiple character set encoding is needed, as for a Japanese language site which might need both Shift-JIS and EUC-JP encoding. To add character set encoding, expand the Additional Options and set the Detect Response Character Set parameter to Yes. All response headers will be searched for a META tag specifying the character set encoding type and any supported types will be added dynamically.
  • If you enable double decoding, after the regular URL normalization is complete, the Barracuda Load Balancer ADC attempts to further decode the characters. If decoding fails, the request is blocked in active mode and a log is generated in the web firewall logs. In passive mode, the request is allowed and a logs is generated. To enable double decoding, set Apply Double Decoding to Yes.
  • To configure URL normalization, select a policy from the Policy Name list and click Configure… under URL Normalization in the Security Policies section.
Last updated on