Limiting the Number of Requests to be Recorded

By default, the FAST node treats all incoming requests as baseline requests: it records them, then creates and executes security tests based on them. However, extraneous requests that should not be recognized as baseline requests may also pass through the FAST node to the target application.

You can limit the number of requests the FAST node records by filtering out all requests that are not targeted at the application (note that the FAST node still proxies the filtered requests but does not record them). This limitation reduces the load on the FAST node and the target application and speeds up the testing process. To apply this limitation, you need to know which hosts the request source interacts with during testing.

You can filter out all the non-baseline requests by configuring the ALLOWED_HOSTS environment variable.

Valid ALLOWED_HOSTS Variable Values

The ALLOWED_HOSTS variable accepts the following host formats:

  • fully qualified names (e.g. node.example.local)
  • a value beginning with a period (e.g. .example.local) that is recognized as a subdomain wildcard
  • a value of * that matches anything (in this case, all of the requests are recorded by the FAST node)

For more information about the ALLOWED_HOSTS variable values, proceed to this link.

The FAST node employs this environment variable in the following way:

  • If the value of the Host header of the incoming request matches the value specified in the ALLOWED_HOSTS variable, the FAST node considers the request a baseline one. The request is then recorded and proxied.

  • All the other requests are proxied through the FAST node but not recorded.

Example of ALLOWED_HOSTS environment variable usage

If the variable is defined as ALLOWED_HOSTS=google-gruyere.appspot.com, then requests targeted at the google-gruyere.appspot.com domain are considered baseline ones.
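The three value formats and the record-or-proxy decision described above, as an added Python example (not the FAST node's own code). It assumes that matching is case-insensitive, that a port in the Host header is ignored, and that a leading-period value also matches the bare domain; it takes the allowed values as a list because the page does not state how several values are delimited in the variable. The function names are hypothetical.

```python
def normalize_host(host_header):
    """Lower-case the Host header value and drop any port and trailing dot."""
    host = host_header.strip().lower()
    if host.startswith("["):
        # Bracketed IPv6 literal, e.g. "[::1]:8080" -> "[::1]"
        host = host.partition("]")[0] + "]"
    elif host.count(":") == 1:
        # "name:port" or "ipv4:port"
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")


def host_matches(host, pattern):
    """Apply one ALLOWED_HOSTS value to an already normalized host."""
    pattern = pattern.strip().lower()
    if pattern == "*":
        return True
    if pattern.startswith("."):
        # Subdomain wildcard: the comparison includes the leading period,
        # so "evilexample.local" does not match ".example.local".
        # Assumption: the bare domain "example.local" matches as well.
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def classify(host_header, allowed_hosts):
    """Return 'record+proxy' for a baseline request, 'proxy-only' otherwise."""
    host = normalize_host(host_header)
    if any(host_matches(host, p) for p in allowed_hosts):
        return "record+proxy"
    return "proxy-only"


# Constructed sample Host header values, not captured traffic.
SAMPLES = [
    ("google-gruyere.appspot.com", ["google-gruyere.appspot.com"]),
    ("google.gruyere.appspot.com", ["google-gruyere.appspot.com"]),
    ("Node.Example.Local:8080", [".example.local"]),
    ("evilexample.local", [".example.local"]),
    ("updates.vendor.test", ["*"]),
]

if __name__ == "__main__":
    for header, allowed in SAMPLES:
        print(f"{header:32} {allowed!s:34} {classify(header, allowed)}")
```

A host that differs from the configured value by a single character, such as a period in place of a hyphen, falls into the proxy-only group and produces no baseline, so check the variable against the exact Host header the request source sends.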
