You may see warning message like below in ns.log and would like to know why this log exists.

Aug 12 16:50:25 <local0.warn> X.X.X.X 08/12/2024:07:50:25 GMT XXX 0-PPE-2 : default SSLVPN Message 918225 0 : "is_whitelisted_request - Dropping invalid http request:|/v1|"

Instructions

As part of “CVE-2019-19781” fix, we have added one more level of mitigation at NetScaler PE level by whitelisting the folders/path to allow access.

If there is any access to the URLs that are not in the whitelist, NetScaler will take is as invalid access and drop the requests. 

As the accessed URL "/v1" and "/nitro"is invalid , it is expected that NetScaler generates logs as below.

Aug 12 16:50:25 <local0.warn> X.X.X.X 08/12/2024:07:50:25 GMT XXX 0-PPE-2 : default SSLVPN Message 918225 0 : "is_whitelisted_request - Dropping invalid http request:|/v1|"
Aug 12 16:50:39 <local0.warn> X.X.X.X 08/12/2024:07:50:39 GMT XXX 0-PPE-4 : default SSLVPN Message 3734683 0 : "is_whitelisted_request - Dropping invalid http request:|/nitro|"

Note : Even though "/v1" and "/nitro" are invalid URLs, "/v1/" , "/nitro/" are allowed because these are normal URLs that will be used when we access the admin GUI.