Solution #00005880
Scope:
Answer:
Credit card, Social Security Numbers (SSN), or any other sensitive data can be retrieved from the access logs.
To protect this data administrator has to specify the parameters under "Web Sites > Advanced Security > Mask Sensitive Data". This option allows the administrator to specify the parameters which are considered sensitive and to be hidden under Access Logs and Web Firewall Logs.
The Barracuda Web Application Firewall replaces the value of these parameters with X's, while logging it under Access Logs and Web Firewall Logs, if present in the request.
Note: Masking sensitive data is done only for URL parameters.
Sensitive Parameter Names - Enter the comma separated list of parameters which are to be masked. For example, Password, Name.
Link to this page:
https://campus.barracuda.com/solution/50160000000IgnTAAS