Manual Chapter : Configuring referrer checks
Applies To:Show Versions
- 17.1.0, 17.0.0, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.0
Configure referrer checks on an anti-fraud profile if you want the system to examine requests for resources on web pages in the anti-fraud profile that come from domains outside of the anti-fraud profile.
- On the Main tab, click.The Anti-Fraud Profiles screen opens.
- From the list of profiles, select the profile on which you want to configure referrer checks.The Anti-Fraud Profile Properties screen opens.
- In the Anti-Fraud Configuration area, selectAdvancedand thenPhishing Detection.The Phishing Detection screen opens.
- Select theEnabledcheck box for theReferrer Checkssetting.The Referrer Checks configuration options are displayed.
- In theReferrer Domain Whitelistfield, type a list of external domains that are allowed to request resources from the protected web application.
- In theCheck referrer header value in requests to these URLsfield, type a list of URLs on which the system checks the referrer header value in the htttp request to determine if the request may have come from a phishing site.If you want the system to check referrer header value in http requests from URLs ending in a specific file type, type*.and then the file type. For example, if you want the system to check the referrer header value in requests from URLs ending with.gif, type*.gif.
- In theIgnore referrer checks for these URLsfield, type a list of URLs where the system should not examine the referrer header value in requests.
- ClickSave.The anti-fraud profile is updated with the changes you made.