Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a rule to Work with the User-agent Header

Create a rule that performs an action on requests depending on their user-agent headers to address issues caused by the user-agents.

The following procedure assumes that an issue with SSL scanning is caused by a particular user-agent. The rule that is created lets requests with user-agent headers containing this user-agent skip SSL scanning to avoid the issues.

  1. Select the rule set for the function that is skipped for requests with the user-agent that causes issues.
    1. Select Policy | Rule Sets.
    2. On the rules tree, select the SSL Scanner rule set.
    3. Click Unlock View on the configuration pane and confirm with Yes.
      The nesting SSL Scanner rule set is accessible for inserting rules.
  2. Configure the name of the rule that lets requests skip the rules in the rule set.
    1. Click Add Rule.
      The Add Rule window opens with the Name step selected.
    2. In the Name field, type a name for the rule, for example, Skip SSL Scanner for user-agents on list.
  3. Configure the property that is used to retrieve the user-agent.
    1. Click Rule Criteria and then Add.
    2. From the drop-down menu, select Advanced Criteria.
      The Add Criteria window opens.
    3. Click Filter, then select Engine | Header and from the filtered list of properties select Header.Request.Get.
    4. Click Parameters at the property.
    5. In the window that opens, make sure that Parameter value is selected and type User-Agent, then click OK to close the window.
  4. Configure the operator and the list to compare the property value with.
    1. Leave the Matches in list operator that is suggested.
    2. From the lists under Compare with, select User Agent Whitelist.
      NOTE: The list is initially empty and you must insert an entry for the user-agent that causes issues.
    3. Click OK.
      The Add Criteria window closes and the complete criteria appears in the Add Rule window.
  5. Configure the rule action.
    1. Click Action.
    2. From the Action list select Stop Rule Set
  6. Complete the configuration.
    1. Click Finish.
      The Add Rule window closes and the rule appears in the SSL Scanner rule set.
      NOTE: The SSL Scanner rule set is empty by default, as the rules for the scanning functions are contained in nesting rule sets. If you find that the nesting rule set contains rules that were inserted after the initial setup, move the new rule into first position.
    2. Click Save Changes.
  • Was this article helpful?