Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [web-application-firewall]

generic term for set of software, web server extensions or hardware designed to filter WWW traffic at the application level in TCP network model.

Web application firewalls allow to create set of rules which both the queries to the server as well as responses from the server must meet before they are allowed to be transferred further.

In most cases they can be considered as IDS (Intrusion Detection Systems) or IPS (Intrusion Prevention Systems).

Common solutions include Apache mod_security module, WebKnight and IronBee software.

47 questions
0
votes
1 answer

Web app architecture - firewall blocking

I'm currently working on a web app and seem to be having a few problems with the app being blocked by office firewalls of our test groups. My background is in design / front end so my knowledge of network stuff is a bit fuzzy. I'll describe our…
Merlin Mason
  • 101
0
votes
1 answer

Barracuda Web Application Firewall WAF - HTTP - Barracuda Does Not Filter Links Clicked on Page

I am trying to figure this out. Basically the virtual IP 192.168.1.110 will filter port 80 to the real ip address 192.168.20.110. I can confirm this in the logs. When I click any link on the page (in wordpress if that matters), it will follow the…
leeman24
  • 147
  • 1
  • 9
0
votes
1 answer

Spoof IPP response in firewall?

How I do to spoof a IPP "Unauthorized" response? Have read the IPP specification documents but cannot find exactly how a IPP response should look like. Any examples? Basically, I have a IPP printer with a firewall in-between, that authenticates…
sebastian nielsen
  • 207
  • 2
  • 10
0
votes
1 answer

HTTP-CLASS-Redirecting traffic-F5

Can we redirect https traffic to a particular real server using http-class in F5? i.e whether http-class works with both http and https traffic.?
Petchirajan Shanmugaraj
  • 11
  • 2
0
votes
1 answer

F5 - URL redirect without irule

I have a main domain - url which is getting load-balanced through VIP between 2 Real Servers in F5 and I want a sub-domain of the main url not to be loadbalanced but to be pointed to a single real server but with the same Virtual IP. How can we do…
Petchirajan Shanmugaraj
  • 11
  • 2
0
votes
1 answer

SonicWALL SRA blocks load test as a DoS attack

I am evaluating the Web Application Firewall (WAF) service on a SonicWALL SRA virtual appliance. When I try to load test the protected website, SonicWALL blocks my requests with this error: "Reset connection to prevent Denial of Service attack - too…
LorettoDave
  • 11
  • 3
0
votes
2 answers

Apache2 mod_security simple default deny rules for specific directory

How to configure the simplest useful default-deny rule set for mod_security? I want to configure mod_security to allow only very specific queries to single directory: In short: I use Apache as a reverse proxy for directory /web_app/, in this…
Hubert Kario
  • 6,361
  • 6
  • 36
  • 65
0
votes
1 answer

Azure Firewall routing to Backend

We are trying to host multiple sites at the backend of Azure Firewall, however we have about 30 different sites and each with their own test\dev and UAT site, which means 30 x 4 and 120 sites, each one is hosted on port 443, all have their own…
Norrin Rad
  • 353
  • 1
  • 5
  • 14
0
votes
1 answer

MSSQL reportserver behind web application firewall

Good Morning everyone! First, please just point me in direction, where can I look into documentation. I should get a consultant, but as a DBA, I want to solve this issue by myself. Issue: Management decision is that report server (RS) website…
JoeSQL
  • 1
  • 1
0
votes
0 answers

How does ClamAV secure its updates online?

Two questions, the second related to the first... How does ClamAV secure its update virus definition operations from its online servers? I will assume (?) that it uses HTTPS for security, but a security specialist has posed the thoughtful question:…
bnoeafk
  • 145
  • 3
0
votes
1 answer

Azure WAF: Using FrontDoors or AplicationGateway?

We need a WAF for our Webservice which we are developing at the moment and I'm not sure if we should use FrontDoors or an ApplicationGateway. For the start, we plan to offer our service just for Europe, so in this case FrontDoors is not necessary…
MolteNolte
  • 5
  • 5
0
votes
2 answers

How do I restrict a specific client, based on their host name, with ModSecurity SecRule?

I am trying to restrict specific hosts (e.g. AWS) from accessing my webserver. I tried different variations of these but it doesn't work. # Block AWS SecRule REQUEST_HEADERS:Host ".*\.amazonaws\.com.*" \ "msg:'AWS…
David
  • 81
  • 1
  • 7
0
votes
2 answers

Putting WAF on a loadbalancer?

at the moment, our application servers are directly accessable on the internet, like the following picture shows. With this in mind, it would be aful if a server crashes (hardware-failure) or stops doing it work somehow. To prevent this, i would…
louis12356
  • 3
  • 1
  • 5
0
votes
1 answer

Azure Application Gateways - VMs from other Virtual Networks

Can I use VMs (backend pools) on different virtual networks to the application gateway? When I try, the VM list is empty. Thanks
Beakie
  • 137
  • 1
  • 8
0
votes
0 answers

WAF(modsecurity) / Plesk IP Banned, is it Googlebot? Is it a false positive? Is it a malicious IP?

I was alerted by my Plesk server that an IP Address had been banned. Normally I don't check banned IPs, but this one happened to coincide with our site going down for 1 minute at the same time. Banned the following ip addresses on Mon Jul 27…
Maurice
  • 141
  • 1
  • 4
1 2
3
4