By default, Deep Security is configured for UTF-8 encoding in HTTP request. Deep Security expects extended ASCII characters, such as é, to be encoded by the user’s browser as "%C3%A9". However, some applications may use a different encoding type and encode é as "%82".
If your logs show 'Invalid UTF8 Encoding' events for what appear to be legitimate traffic, you may need to change your encoding type in Deep Security:
- Open the properties of the Security Profile used by the host triggering the events (or Host properties, if your filters are assigned directly to the host).
- Open the DPI Rules section of the profile.
- Open the properties of the HTTP Protocol Decoder filter.
- Go to the Configuration tab and then select the Latin-1 encoding option.
- Click OK.
Once the Agent receives the update, Deep Security will allow encoding of this type to pass through the application.