I have the following url's using which my site is accessed:
http://www.itsmysitesitesite.com/showproduct.aspx?id=230 http://www.itsmysitesitesite.com/browseproduct.aspx?catid=100
I want to write a IIS Rewrite Rule that blocks a url if the ID= or catid= portion starts with minus (-)
Eg: block these urls
http://www.itsmysitesitesite.com/showproduct.aspx?id=-230 http://www.itsmysitesitesite.com/showproduct.aspx?id=-2%27 http://www.itsmysitesitesite.com/browseproduct.aspx?catid=-1
In my IIS 8.0 I wrote a Rewrite Rule as following:
<system.webServer><security><requestFiltering><denyUrlSequences><add sequence="id=-" /> <add sequence="catid=-" /></denyUrlSequences></requestFiltering></security>
However when I test it using a url say
http://www.itsmysitesitesite.com/showproduct.aspx?id=-230
a errror gets thrown and the exception is handled. The IIS Rewrite is not working, i.e. it is not blocking the url at the first place.
Can anyone throw some pointers