HL7 Protocol files are blocked by WAF

I’m having issues with HL7 format file upload.

Here is a file example:
MSH|^~\&|EPIC|EPICADT|SMS|SMSADT|199912271408|CHARRIS|ADT^A04|1817457|D|2.5| PID||0493575^^^2^ID 1|454721||DOE^JOHN^^^^|DOE^JOHN^^^^|19480203|M||B|254 MYSTREET AVE^^MYTOWN^OH^44123^USA||(216)123-4567|||M|NON|400003403~1129086| NK1||ROE^MARIE^^^^|SPO||(216)123-4567||EC||||||||||||||||||||||||||| PV1||O|168 ~219~C~PMA^^^^^^^^^||||277^ALLEN MYLASTNAME^BONNIE^^^^|||||||||| ||2688684|||||||||||||||||||||||||199912271408||||||002376853

When trying to upload a file like so, it is blocked by the WAF and require a JS Challenge.
The problem is, the site is using stateless architecture so there are www.example.com and api.example.com.

What is the best way to solve this?

  1. Try and connect the www, api to the same origin for the JS Challenge to be successful.
  2. Change the WAF rules to know about HL7 file format.


I’ve filed a ticket with the Managed Rules team to investigate this as a false positive but would be great if you could share which specific rule is flagging the request? You should be able to see this in Firewall Events.

1 Like