Citrix Systems 9.2 Benutzerhandbuch
254
Citrix NetScaler Policy Configuration and Reference Guide
D.
For the Credit Card check, disable blocking; enable logging,
statistics, and masking of credit card numbers; and enable protection
for those credit cards you accept as forms of payment.
statistics, and masking of credit card numbers; and enable protection
for those credit cards you accept as forms of payment.
•
If you are using the configuration utility, you configure
blocking, logging, statistics, and masking (or x-out) in the
Modify Credit Card Check dialog box, General tab, Check
Actions section. You configure protection for specific credit
cards in the Settings tab of the same dialog box.
blocking, logging, statistics, and masking (or x-out) in the
Modify Credit Card Check dialog box, General tab, Check
Actions section. You configure protection for specific credit
cards in the Settings tab of the same dialog box.
•
If you are using the command line, you configure these settings
by typing the following at the prompt, and pressing Enter:
by typing the following at the prompt, and pressing Enter:
set appfw profile shopping_cart -creditCardAction LOG
STATS -creditCardXOut ON -creditCard <name> [<name>...]
For <name> you substitute the name of the credit card you want to
protect. For Visa, you substitute VISA. For Master Card, you
substitute MasterCard. For American Express, you substitute
Amex
protect. For Visa, you substitute VISA. For Master Card, you
substitute MasterCard. For American Express, you substitute
Amex
. For Discover, you substitute Discover. For Diners Club, you
substitute DinersClub. For JCB, you substitute JCB.
8.
Create a policy named shopping_cart that detects connections to your
shopping cart application and applies the shopping_cart profile to those
connections.
shopping cart application and applies the shopping_cart profile to those
connections.
To detect connections to the shopping cart, you examine the URL of
incoming connections. If you host your shopping cart application on a
separate host (a wise measure for security and other reasons), you can
simply look for the presence of that host in the URL. If you host your
shopping cart in a directory on a host that handles other traffic, as well, you
must determine that the connection is going to the appropriate directory
and/or HTML page.
incoming connections. If you host your shopping cart application on a
separate host (a wise measure for security and other reasons), you can
simply look for the presence of that host in the URL. If you host your
shopping cart in a directory on a host that handles other traffic, as well, you
must determine that the connection is going to the appropriate directory
and/or HTML page.
The process for detecting either of these is the same; you create a policy
based on the following expression, and substitute the proper host or URL
for <string>.
based on the following expression, and substitute the proper host or URL
for <string>.
REQ.HTTP.HEADER URL CONTAINS <string>
•
If you are using the configuration utility, you navigate to the
Application Firewall Policies page, click the Add... button to add a
new policy, and follow the policy creation process described in “To
create a policy with classic expressions using the configuration
utility” beginning on page 201 and following.
Application Firewall Policies page, click the Add... button to add a
new policy, and follow the policy creation process described in “To
create a policy with classic expressions using the configuration
utility” beginning on page 201 and following.
•
If you are using the command line, you type the following command
at the prompt and press Enter:
at the prompt and press Enter:
add appfw policy shopping_cart "REQ.HTTP.HEADER URL
CONTAINS <string>" shopping_cart