Product Documentation

Adding or Removing a Signatures Object

Oct 06, 2014
You can add a new signatures object to the application firewall by:
  • Copying a built-in template.
  • Copying an existing signatures object.
  • Importing a signatures object from an external file.

You must use the configuration utility to copy a template or existing signatures object. You can use either the configuration utility or the command line to import a signatures object. You can also use either the configuration utility or the command line to remove a signatures object.

To create a signatures object from a template

  1. Navigate to Security > Application Firewall > Signatures.
  2. In the details pane, select the signatures object that you want to use as a template.

    Your choices are:

    • * Default Signatures. Contains the signatures rules, the SQL injection rules, and the cross-site scripting rules.
    • * XPath Injection. Contains the XPath injection patterns.
    • Any existing signatures object.
    Attention: If you do not choose a signatures type to use as a template, the application firewall will prompt you to create signatures from scratch.
  3. Click Add.
  4. In the Add Signatures Object dialog box, type a name for your new signatures object, and then click OK. The name can begin with a letter, number, or the underscore symbol, and can consist of from one to 31 letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), and underscore (_) symbols.
  5. Click Close.

To create a signatures object by importing a file

  1. Navigate to Security > Application Firewall > Signatures.
  2. In the details pane, click Add.
  3. In the Add Signatures Object dialog box, select the format of the signatures you want to import.
    • To import a NetScaler format signatures file, select the Native Format tab.
    • To import an external signatures format file, select the External Format tab.
  4. Choose the file that you want to use to create your new signatures object.
    • To import a native NetScaler format signatures file, in the Import section select either Import from Local File or Import from URL, then type or browse to the path or URL to the file.
    • To import a Cenzic, IBM AppScan, Qualys, or Whitehat format file, in the XSLT section select Use Built-in XSLT File, Use Local File, or Reference from URL. Next, if you chose Use Built-in XSLT File, select the appropriate file format from the drop-down list. If you chose Use Local File or Reference from URL, then type or browse to the path or URL to the file.
  5. Click Add, and then click Close.

To create a signatures object by importing a file by using the command line

At the command prompt, type the following commands:

  • import appfw signatures <src> <name> [-xslt <string>] [-comment <string>] [-overwrite] [-merge] [-sha1 <string>]
  • save ns config

Example #1

The following example creates a new signatures object from a file named signatures.xml and assigns it the name MySignatures.

import appfw signatures signatures.xml MySignatures 
save ns config

To remove a signatures object by using the configuration utility

  1. Navigate to Security > Application Firewall > Signatures.
  2. In the details pane, select the signatures object that you want to remove.
  3. Click Remove.

To remove a signatures object by using the command line

At the command prompt, type the following commands:

  • rm appfw signatures <name>
  • save ns config