ADC

Configuring the Default Rewrite Action

An undefined event is triggered when the Citrix ADC cannot evaluate a policy, usually because it detects a logical or other error in the policy or an error condition on the Citrix ADC. When the rewrite policy evaluation results in an error, the specified undefined action is carried out. Undefined actions configured at the rewrite policy level are carried out before a globally configured undefined action.

The Citrix ADC supports following three types of undefined actions:

  • undefAction NOREWRITE

    Aborts rewrite processing, but does not alter the packet flow. This means that the Citrix ADC continues to process requests and responses that do not match any rewrite policy, and eventually forwards them to the requested URL unless another feature intervenes and blocks or redirects the request. This action is appropriate for normal requests to your Web servers, and is the default setting.

  • undefAction RESET

    Resets the client connection. This means that the Citrix ADC tells the client that it must re-establish its session with the Web server. This action is appropriate for repeat requests for Web pages that do not exist, or for connections that might be attempts to hack or probe your protected Web site(s).

  • undefAction DROP

    Silently drops the request without responding to the client in any way. This means that the Citrix ADC simply discards the connection without responding to the client. This action is appropriate for requests that appear to be part of a DDoS attack or another sustained attack on your servers.

Note: Undefined events can be triggered for both request and response flow specific policies.

To configure the default action by using the command line interface

At the command prompt, type the following commands to configure the default action and verify the configuration:

  • <set rewrite param -undefAction ( NOREWRITE RESET DROP )
  • <show rewrite param

Example:


> set rewrite param -undefAction NOREWRITE
 Done
> show rewrite param
        Action Name: NOREWRITE
 Done
<!--NeedCopy-->

To configure the default action by using the configuration utility

  1. Navigate to AppExpert > Rewrite.
  2. In the details pane, under Rewrite Overview, click the Change Rewrite Settings link. The Set Rewrite Params dialog box appears.
  3. Under Global Undefined-Result Action, select an option as follows:
    • NoRewrite—NOREWRITE
    • Reset—RESET
    • Drop—DROP
  4. Click OK. The global undefined action is set to the value you chose.
Configuring the Default Rewrite Action