Web Agent Guides › Web Agent Configuration Guide › Enforce Security with URL Monitoring › Protect Resources Without Extensions

Protect Resources Without Extensions

To prevent unauthorized users from gaining access to resources without extensions, you can use the following parameter:

• OverrideIgnoreExtFilter

  Specifies a list of strings you want the Web Agent to match against all URIs. This helps you protect resources whose extensions are normally ignored by the Web Agent, or any files or applications that do not have extensions. If the URI matches one of the strings in the list, the Web Agent checks with the Policy Server to determine if the resource is protected.

  It is better to specify more general strings instead of exact paths. You can also include a partial string to protect a group of resources. For example, the string /servlet/ protects the following resources:

  • /dira/app1/servlet/app
  • /dirb/servlet/app1
  • /dirc/mydir/servlet/app2

  Default: No default

To protect resources without extensions, add strings for the resources (without periods) that you want to protect to the value of the OverrideIgnoreExtFilter parameter. If you are using an Agent Configuration Object, use the multi-value option to add the strings. If you are using a local configuration file, add each string on its own line.