Today, many web applications may use some of the illegal characters listed above in URL requests. If you see an illegal character in the URI events in your DPI event logs, you may need to modify the Deep Security Agent (DSA) configuration to allow certain characters.
To allow characters from Hex 00 to Hex 7F, you need to configure the HTTP Protocol Decoding IPS filter by doing the following:
- Open the properties of the filter and then click the Configuration tab.
- Tick the Use a custom list of characters disallowed in a URI check box.
You will see the characters listed in the Raw section (not URI encoded) are the characters not allowed in all parts of URI box.
- Remove the characters that you would like to exempt from the illegal character list.
- Click OK to close the filter properties window.
The list can be customized globally and at the security profile and host levels.