Questions tagged [web-application-firewall]

From OWASP:

A web application firewall is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.

A far more detailed description is available at Wikipedia.

261 questions

1 vote, 0 answers

AWS CDK: deploy error "Error reason: EXACTLY_ONE_CONDITION_REQUIRED, field: MANAGED_RULE_GROUP_CONFIG, parameter: ManagedRuleGroupConfig"

Environment: node-js 16.16.0, aws-cdk 2.41.0. When I just tried cdk deploy it gives me the following error: Resource handler returned message: "Error reason: EXACTLY_ONE_CONDITION_REQUIRED, field: MANAGED_RULE_GROUP_CONFIG, parameter:…

1 vote, 0 answers

Azure policy which enforces Front Door firewall to allow only certain IPs

I need to create an Azure policy which enforces the Front Door firewall to allow only certain IPs. Something like…

1 vote, 1 answer

Is there a difference between Cloudflare headers CF-Connecting-IP and True-Client-IP?

I'm using Cloudflare's Web Application Firewall (WAF). I don't want clients connecting directly to my application server, but once the Cloudflare WAF forwards the traffic to the server I would like to know the IP address of the original client. For…
Yossi G.

1 vote, 2 answers

Are there open-source WAF solutions?

I am looking for an open-source WAF solution that could be deployed in Kubernetes. I've looked at ModSecurity but it seems like good rules cost money and it also requires lots of tuning.
ladaat

1 vote, 1 answer

IP Whitelisting

We have an application hosted in AWS for which we need to implement IP whitelisting. We don't use API Gateway. I believe the WAF will sit right after the load balancer (correct me if I'm wrong). How can we feed an allow IP address list to the WAF from…

1 vote, 1 answer

Cloud Armor WAF - How to forward rate-based ban to reCAPTCHA?

I successfully got rate-based-limit working in Cloud Armor. reCAPTCHA works for me too. But I'm looking for a solution: can Cloud Armor rate-based rules redirect users to reCAPTCHA after exceeding some number of requests? rate-based-limit gcloud beta…

1 vote, 2 answers

Azure WAF exclusion - (RFI) Attack

I'm working on a WAF policy. Currently, the WAF is in detection mode and I've been creating exclusions and identifying false positives, etc. There is one rule I'm struggling to implement and it concerns RFI. Specifically this: Rule ID:…
moonraker

1 vote, 1 answer

AWS WAF Rate-limit per hostname

So far we've been using a rate limit rule for a single host: 300 requests per 5 minutes for foo.dev.com (entry resolves to ALB). Now we want to split the rule a bit more so that we have different rules for different hostnames (all resolving to the same ALB)…

1 vote, 1 answer

WAF - 200003 Multipart Request Body Strict Validation

I have an application that was making a call to Azure Application Gateway and it was failing when the following rule was enforced: RuleId: 200003, Description: Multipart Request Body Strict Validation. The call was to a PUT endpoint, passing 2 files in…
Bonomi

1 vote, 1 answer

How do I create a rule to block all user agents with ModSecurity V3?

I want to add a custom ModSecurity (V3) rule that can block all user agents, and allow me to whitelist certain User Agents from a file. If this is possible and someone could share the rule with me, that would be great. I cannot seem to figure out…

1 vote, 2 answers

WAF rule to block all HTTP/HTTPS traffic using Azure Application Gateway

When configuring WAFs I'm used to configuring the lowest priority rule to block all inbound HTTP/HTTPS traffic. I then add higher priority allow rules to open up the access I require. I can't see how I can create a "block all" rule in the Azure…

1 vote, 1 answer

App Insights cookies are blocked by Azure Firewall

We use Application Insights on the frontend and we also use Azure Front Door with a WAF (Web Application Firewall) policy. I can see in the WAF logs that a lot of requests are blocked by some WAF managed rules. When I inspected the WAF logs I found out…

1 vote, 1 answer

How to add Firewall Manager new ATP rule using CloudFormation?

I'm trying to add the AWS Fraud Control account takeover prevention rule using CloudFormation, but I cannot seem to find the correct syntax for its configuration. The WAFv2 API supports the argument ManagedRuleGroupConfigs; however, the Firewall Manager…

1 vote, 1 answer

How to configure pfSense HAProxy HTTP health check failover

I have two backend web servers, and I need to monitor them using httpcheck by checking the URL and looking for a string to be present in the response of the request. If the string is not available, switch the backend to another…
T.Anand

1 vote, 1 answer

AWS Network Firewall with Suricata rules

I'm looking into implementing AWS Network Firewall with Suricata IPS rules, and find it really hard to find real examples and ideas of what is relevant regarding rules, etc. Our customer puts emphasis on IPS, IDS and anti-malware. My setup today is…