We are in the process of creating HTTP Security Filter policies for our current and new applications. We need to figure out the required methods, extensions, headers, and other signatures that are specific to our applications.
Right now we are in the process of working to get an application up and running with ISA 2004. We have run into a problem where the website works periodically and fails periodically.
In order to troubleshoot this further I made a change in logging to allow filter information to be displayed. This got me to the point where we now showing detail in the errors, specifically "Blocked by the HTTP Security filter: URL contains an extension which is not specifically allowed". This information is helpful, but not nearly enough. We need to know exactly which extension or extensions are being blocked.
I would like to know if there is a way within ISA 2004 to see what specific extension or extensions are being blocked. We have spent an enormous amount of time and effort trying to figure this out on our own.
In the long run this is going to be a significant need. We are not only going to need to see which particular extensions are being blocked, but we will need to know what methods are needed, what headers are needed, and what signatures are missing. I truly hope there is a way to do this within ISA.