When "block common exploits" is enabled, is there a way to bypass certain rules? #2966
Closed as not planned
Description
I have a PHP application that can be accessed via HTTPS by configuring proxy rules in Nginx (I have enabled block common exploits in Nginx). For example, I can access the application using URLs like https://demo.test.com/my.php or https://demo.test.com/app/other.php. However, when I try to access https://demo.test.com/app/other.php?img=/source/test.jpg, it returns a 403 error due to triggering a vulnerability policy. I cannot modify the PHP application. Is there a way to solve this issue by customizing the proxy rule configuration or using advanced configurations?
