Questions tagged [web-application-firewall]

A generic term for software, web server extensions, or hardware designed to filter web traffic at the application layer of the TCP/IP network model.

Web application firewalls let you define a set of rules that both requests to the server and responses from the server must satisfy before they are passed on.

In most cases they can be regarded as an IDS (Intrusion Detection System) or IPS (Intrusion Prevention System).

Common solutions include the Apache mod_security module, WebKnight, and IronBee.

47 questions
2 votes, 2 answers

Use AWS WAF to block traffic to my lightsail instance

I have an AWS Lightsail instance running WordPress. It is getting pounded with hits from Chinese IP addresses - and they keep changing IPs. I started making hundreds of iptables rules but am giving up as this is clearly the wrong approach. I…
TSG
1 vote, 1 answer

Azure Application Gateway uses FIPS 140-2 validated module

Does Azure Application Gateway use a FIPS 140-2 validated module for SSL/TLS offloading? Can we enable FIPS mode in Azure Application Gateway for TLS offloading?
Rashid
1 vote, 2 answers

How to modify a ModSecurity rule action for only one parameter?

I have ModSecurity with the Core Rule Set. And I have a POST request with 3 parameters: Par1 = "base64-encoded XML" & Par2 = "url" & Par3 = "hash". I want to modify the CRS rules to base64Decode only Par1 and use Par2 & Par3 'as is'. I tried to use…
Vladimir
1 vote, 0 answers

nginx naxsi error - could not build the wlr_url_hash

I am getting this error in an nginx server compiled in with naxsi nginx: [emerg] could not build the wlr_url_hash, you should increase wlr_url_hash_bucket_size: 512 nginx: [emerg] $URL hashtable init failed in /etc/nginx/nginx.conf:87 nginx: [emerg]…
Anoop P Alias
1 vote, 1 answer

What is the difference between a SPI Firewall and an Application Layer Firewall?

What is the difference between a SPI Firewall and an Application Layer Firewall? In what circumstances would I prefer one over the other?
1 vote, 2 answers

What tech. is required to build a firewall that dynamically opens ports after users authenticate through a web form against Active Directory?

I need to expose via Internet an insecure internal web app that can't be modified to be made intrinsically more secure. The most common solution for this problem is to access the web app through VPN. Unfortunately, this isn't possible in my…
1 vote, 2 answers

What web application firewall do you use? What should I use?

What web application firewall do you use? I'm primarily interested in something I can deploy on the perimeter that can protect multiple Apache and IIS servers, but I'd like to hear all answers. Tell me a little bit about how many servers it…
1 vote, 0 answers

ActiveSync on iOS 4.2 no longer supports cookies?

We have an in-house developed WAF protecting our OWA (ActiveSync) webserver, and part of its function requires long-lived cookies on the "browsers". We're trying to get it to support iPhones via the "Mail" app (Safari works fine), but we've run into…
jhaar
1 vote, 3 answers

Does it make sense to augment WAF (Web Application Firewall) with an IPS (Intrusion Prevention System)?

Following scenario: Web application, only HTTP/S traffic; firewall in place to only allow traffic on port 80/443 in; WAF is in place, set to deny malicious traffic. Question: Is there any added value in this scenario to also have an IPS / Deep…
1 vote, 0 answers

How to Implement Rate Limiting in Azure Web Application Firewall (WAF)?

I am looking to implement global rate limiting to Azure WAF. I have created custom rate limiting rules but they are IP based. I know Azure DDoS protection provides a certain coverage limit. But my goal is to have a maximum limit of HTTP requests…
0 votes, 1 answer

Securely allow inbound return from api calls

Is it secure to open inbound Firewall rule from source 0.0.0.0/0 to receive inbound return IPv4 traffic from the internet (I need this only for requests that are originated in the subnet)? I am creating a private application that works with several…
0 votes, 1 answer

How do I decrease the sensitivity of the AWS WAF sql injection filters?

We have our application set up on Amazon Web Services behind an ALB (Application Load Balancer) with an AWS WAF (Web Application Firewall). The WAF includes a rule to block SQL injection attempts using a set of conditions provided by Amazon. The…
0 votes, 1 answer

SNAPT WAF Implementation

I just got the responsibility of implementing and managing the WAF for our SNAPT install. I have the WAF enabled on the Admin page for testing right now. I finally got an error so I can learn what the errors look like and how to fix them. So I need…
Brill
0 votes, 2 answers

About an idea to parry DDoS attacks

Background: I'm building a web application using Amazon API Gateway, Amazon S3, AWS Lambda and so on. Note: If you don't know about AWS, any pieces of advice would be highly appreciated. Searching how to protect API Gateway from DDoS attacks, I've…
0 votes, 1 answer

Unable to access Node Server from external network

I have a VM with two public IPs. I have installed OpenStack controller node on the VM. I have access from the external network to Horizon and Keystone service running on apache2 web server on ports 80 and 5000 respectively. However when I run my…