Questions tagged [web-application-firewall]

From OWASP:

A web application firewall is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.

A far more detailed description is available at Wikipedia.

261 questions
0 votes, 1 answer

How do you update the NetworkConfiguration of an Azure Cloud Service deployment while it's running

How can we change the IP Restriction Rules while the Cloud Service is running? (A reboot is acceptable.) For example, add / remove an IP address. We don't really want to redeploy and we definitely don't want to…
Michael Blake
0 votes, 1 answer

Joomla, can't install extensions

I want to install a Joomla extension but I keep getting an error: Sorry {ip}, your request cannot be proceeded. For security reason, it was blocked and logged. If you think that was a mistake, please contact the webmaster and enclose the following…
0 votes, 2 answers

WAF is blocking ASP.NET website due to Scriptresource.axd

ASP.NET (Framework 3.5, IIS 8.5, Windows Server 2012 R2) with Ajax control toolkit is being blocked by WAF (Web Application Firewall). Following is the screenshot from WAF. These are signatures from WAF. I tried disabling Ajax components at…
Tiyyob
0 votes, 1 answer

does ssl on firewall and website conflict with each other

We have had our firewall providers install an SSL certificate on the firewall. If we put an SSL certificate on the server (website), will it conflict or will it run fine? Any advice on this will be highly appreciated.
Dhaval Chheda
0 votes, 1 answer

Modsecurity waf in nginx server

I am struggling with the mod-security WAF in an nginx setup. Can anyone explain what mod-security is and how to implement it in nginx? Please help.
Bala
0 votes, 1 answer

The requested URL was rejected.

We are getting the following issue while opening the site. Please consult with your administrator. Your support ID is: 12573575673107663300 Can anyone help us to fix this issue?
0 votes, 1 answer

Azure Application Gateway for on-premise load balancer

We have a Cisco load balancer on-premise which routes traffic to our DMZ servers on-premise. We want to use Azure Load Balancer or Azure Solutions (AG) which can balance traffic to our DMZ servers on-premise, basically replace the Cisco with Azure. Is…
Mettlus Shaw
0 votes, 2 answers

No connection could be made because the target machine actively refused it - client side

As the title suggests, I have encountered an error while trying to connect to the service server. There is quite a resource base on the said error, but most of them assume some level of control over the server. In this case, I (and a team I am part…
erewien
0 votes, 1 answer

Deny list and Allow list for Azure Web App

I have an Azure Web App running behind the Azure Application Gateway which is configured in WAF mode. I have allowed only Azure Gateway IP and our own public/proxy IP to connect Azure Web App which means all traffic is being routed to Web is being…
0 votes, 3 answers

aws cloudformation WAF geo location condition

Trying to create a CloudFormation template to configure WAF with geo location condition. Couldn't find the right template yet. Any pointers would be appreciated. http://docs.aws.amazon.com/waf/latest/developerguide/web-acl-geo-conditions.html
0 votes, 1 answer

Microsoft Owin, unable to reach Azure B2C from corporate network

I have an ASP.NET MVC web application running on a server that is behind a firewall. "Forms authenticate" is about to be replaced by Azure B2C. I used Microsoft's OWIN library. I used the following tutorial to get started with Azure B2C…
0 votes, 1 answer

Wakanda 2 - transitioning a WAF application

After restructuring my Solution/Project files, converting my login listener out of required.js and into a module (setLoginManager), and ensuring that API changes were addressed ... I am getting the following error showing up at the browser level…
Kirk
0 votes, 0 answers

Tableau dashboard view in SharePoint?

My client would like to use their internal Tableau Server (residing behind the DMZ) to serve up visualizations in a public-facing website. We would like to present the Tableau generated views, dashboard, storyboard, etc. on SharePoint website…
0 votes, 1 answer

Identity Server vs NetScaler ADC

In our company we're currently living the simple AD authentication life for most of our in-house developed applications. But the need for a more advanced security solution comes up more and more. We have websites, apps and services that are not…
0 votes, 1 answer

UNION on dynamic SQL statements

What I am trying to accomplish is essentially this: SELECT 1 FROM DUAL UNION EXECUTE IMMEDIATE 'SELECT 2 FROM dual'; I am actually a penetration tester trying to bypass a web application firewall, so I am sure this looks silly/strange from the…
Gray