Questions tagged [web-application-firewall]

From OWASP:

A web application firewall is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.

A far more detailed description is available at Wikipedia.
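To make the definition above concrete, here is an added example, not OWASP's text and not any product's code, of what "applying a set of rules to an HTTP conversation" looks like: a minimal rule set with one SQL-injection, one XSS and one remote-file-inclusion signature, run over constructed requests, plus the per-application exclusion the paragraph says has to be customised and maintained. The rule IDs, the patterns, the `/profile` path and the `myPicture` parameter are all hypothetical; the sample requests are constructed.

```python
import re
from dataclasses import dataclass


@dataclass
class Request:
    """A constructed HTTP request, reduced to the parts the rules below inspect."""
    method: str
    path: str
    args: dict  # query-string or body parameters, already decoded


@dataclass
class Rule:
    id: int
    name: str
    pattern: re.Pattern


# Hypothetical signatures, illustrative only. A shipped rule set is far larger and is
# tuned against evasion (encoding, case, whitespace tricks); these are not.
RULES = [
    Rule(1001, "SQL injection: tautology, comment or UNION",
         re.compile(r"(?i)(\bor\b\s+\d+\s*=\s*\d+|--|/\*|\bunion\b\s+select\b)")),
    Rule(1002, "XSS: script tag or inline event handler",
         re.compile(r"(?i)(<\s*script\b|\bon[a-z]+\s*=)")),
    Rule(1003, "RFI: URL inside a parameter",
         re.compile(r"(?i)\bhttps?://")),
]

# Per-application exclusions: (path prefix, rule id, parameter name or None for any).
# This is the "customisation" the text describes: it has to be revisited whenever the
# application changes the paths or parameter names it uses.
EXCLUSIONS = [
    ("/profile", 1003, "myPicture"),  # users legitimately submit a URL in this field
]


def excluded(req, rule, param, exclusions):
    return any(
        req.path.startswith(prefix) and rule_id == rule.id and (p is None or p == param)
        for prefix, rule_id, p in exclusions
    )


def evaluate(req, exclusions=EXCLUSIONS):
    """Return every (rule id, location, offending value) match; an empty list means clean."""
    hits = []
    for rule in RULES:
        for name, value in req.args.items():
            if rule.pattern.search(value) and not excluded(req, rule, name, exclusions):
                hits.append((rule.id, f"ARGS:{name}", value))
    return hits


def decide(req, exclusions=EXCLUSIONS):
    """Block on any match, as a WAF in blocking mode would."""
    return "block" if evaluate(req, exclusions) else "allow"


# Constructed sample traffic.
SQLI = Request("GET", "/search", {"id": "1 OR 1=1"})
XSS = Request("GET", "/search", {"q": "<script>alert(1)</script>"})
BENIGN = Request("GET", "/search", {"q": "waf tuning"})
# The false-positive case: a URL on the application's own domain in a profile update.
PROFILE = Request("POST", "/profile",
                  {"myPicture": "https://example.com/user1/profilePicture",
                   "username": "user1"})
# The same URL in a parameter the exclusion does not cover is still blocked.
PROFILE_OTHER = Request("POST", "/profile", {"bio": "see https://example.com/user1"})

if __name__ == "__main__":
    for label, req in [("sqli", SQLI), ("xss", XSS), ("benign", BENIGN),
                       ("profile (tuned)", PROFILE), ("profile other param", PROFILE_OTHER)]:
        print(f"{label:22} {decide(req):5} {evaluate(req)}")
    print(f"{'profile (untuned)':22} {decide(PROFILE, exclusions=[]):5} "
          f"{evaluate(PROFILE, exclusions=[])}")
```

The untuned run shows why the effort is significant: rule 1003 fires on perfectly normal profile data, and the fix is an exclusion scoped to one path and one parameter rather than switching the rule off for the whole site.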

261 questions
1 vote, 0 answers

problem accessing soap web service's production environment

I hope this question won't be marked as duplicate as I read many related questions and answers on the site: although I tried most of the suggestions out there I still couldn't resolve my problem. My codebase : (I left comments on purpose to give an…
mrossw
1 vote, 0 answers

AWS WAF: Allow your own domain in AWSManagedRulesCommonRuleSet#GenericRFI_BODY

Currently my WAF is blocking requests that contain a reference to a resource on my own domain. For example the body of a request can look like : { "myPicture": "https://example.com/user1/profilePicture", "username": "user1" } I could ignore…
xtra
1 vote, 0 answers

CloudFlare HMAC validation using cookie instead of request URI

Premise: I have an existing application with its own ACL. I've also implemented the CloudFlare WAF. My client's organization has not yet implemented a VPN. We are seeing a lot of false-positives from the WAF for normal behavior in the…
Tyler V.
1 vote, 1 answer

Regex PCRE pattern to select all routes starting with /first-url-segment/ AND do not include "iframe" in the latter part of the URL

I am trying to filter out paths that start with certain string but do not have the "iframe" substring in it. Here is what seems to be working for me https://regex101.com/r/rIMFDP/1 ^\/csr_and_sustainability_information\/(?!.*iframe) but on amazon…
Hairi
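The pattern in the question above can be checked offline before it goes anywhere near a WAF. The following is an added example, not the asker's code and not from AWS, that runs the lookahead pattern over constructed paths and compares it with the same decision split into two plain conditions, starts-with AND NOT contains. That split is how the logic has to be expressed for an engine without lookaround: AWS WAF's regex documentation lists arbitrary zero-width assertions, which is what `(?!...)` is, among the PCRE features it does not support. The sample paths are constructed.

```python
import re

# The pattern from the question: fixed first segment, and "iframe" must not
# appear anywhere in the remainder of the URL.
LOOKAHEAD = re.compile(r"^/csr_and_sustainability_information/(?!.*iframe)")

PREFIX = "/csr_and_sustainability_information/"


def match_lookahead(path: str) -> bool:
    return LOOKAHEAD.search(path) is not None


def match_split(path: str) -> bool:
    """The same decision as two plain conditions, starts-with AND NOT contains.
    The lookahead is anchored after the prefix, so only the remainder is searched."""
    if not path.startswith(PREFIX):
        return False
    return "iframe" not in path[len(PREFIX):]


# Constructed sample paths. The first two should match, the next four should not.
# The upper-case one matches under both checks because neither lowercases its input;
# a WAF rule with a lowercase text transformation would reject it.
SAMPLES = [
    "/csr_and_sustainability_information/",
    "/csr_and_sustainability_information/report-2021",
    "/csr_and_sustainability_information/embed/iframe",
    "/csr_and_sustainability_information/report?view=iframe",
    "/other/iframe",
    "/csr_and_sustainability_informationX/",
    "/csr_and_sustainability_information/IFRAME",
]


def compare(paths=SAMPLES):
    """Run both checks on every path; returns (path, lookahead result, split result)."""
    return [(p, match_lookahead(p), match_split(p)) for p in paths]


def both_agree(paths=SAMPLES) -> bool:
    """True when the lookahead form and the split form never disagree."""
    return all(a == b for _, a, b in compare(paths))


if __name__ == "__main__":
    for path, la, sp in compare():
        print(f"{path:58} lookahead={la!s:5} split={sp!s:5}")
    print("both forms agree:", both_agree())
```

Two things to settle before porting this to a WAF rule: which field the engine inspects (a URI-path match never sees `?view=iframe`, a full-URI match does), and which text transformations run first, since lowercasing the input is what turns `IFRAME` into a hit.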
1 vote, 1 answer

ModSecurity: Create SecRule exclusion for REQUEST_HEADERS:Transfer-Encoding

I want to create an exclusion to disable a specific rule (ID: 920180) in my system. How should I write the syntax in REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf? Here is my exclusion, but I'm not sure it fully covers disabling it: SecRule…
hammer89
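For the question above, here is an added example, not the asker's rule and not from the CRS project, of the two runtime exclusion forms ModSecurity offers for a CRS rule from REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf: narrowing what the rule inspects, and switching the rule off. The `/api/upload` path and the local rule IDs 1001 and 1002 are assumptions (CRS reserves IDs 1 to 99999 for local rules).

```apache
# Runtime exclusions go in REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf, which is loaded
# before the CRS rules, so a ctl: action here applies to rules evaluated later in the
# same transaction. phase:1 (request headers) runs before the CRS protocol checks.

# 1) Keep rule 920180, but stop it from inspecting the Transfer-Encoding header,
#    and only for requests under the hypothetical /api/upload path.
SecRule REQUEST_URI "@beginsWith /api/upload" \
    "id:1001,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveTargetById=920180;REQUEST_HEADERS:Transfer-Encoding"

# 2) Switch rule 920180 off entirely, again only for that path.
SecRule REQUEST_URI "@beginsWith /api/upload" \
    "id:1002,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveById=920180"
```

Only one of the two is needed; the first is the narrower change. The unconditional forms, `SecRuleRemoveById 920180` or `SecRuleUpdateTargetById 920180 "!REQUEST_HEADERS:Transfer-Encoding"`, are configure-time directives that must come after the rule they modify, so they belong in REQUEST-999-EXCLUSION-RULES-AFTER-CRS.conf, not in the BEFORE file. After reloading, confirm in the audit log that 920180 no longer fires for the excluded path and still fires elsewhere.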
1 vote, 1 answer

Cloud Armor logs aren't very clear when rule is set as "Preview only"

I'm deploying WAF with Cloud Armor and I realized that the rules can be created in a "Preview only" mode and that there are Cloud Armor entries in Cloud Logging. The problem is that when I create a "Preview only" rule and that rule is matched by…
1 vote, 0 answers

WAFv2 with Terraform: how do I exclude rules?

I created a WAFv2 as a module and this is part of my code: name = var.name description = "WAFv2 ACL for ${var.name}" scope = var.scope default_action { allow {} } visibility_config { cloudwatch_metrics_enabled = true …
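The following is an added example, not the asker's module and not code from AWS or HashiCorp, showing how a single rule inside an AWS managed rule group is overridden with the `aws_wafv2_web_acl` resource in recent versions of the Terraform AWS provider. It uses GenericRFI_BODY, the rule from the earlier question about own-domain URLs in request bodies, as the rule being overridden. The ACL name, scope and metric names are placeholders.

```hcl
# Added example: a WAFv2 web ACL that attaches AWSManagedRulesCommonRuleSet and
# overrides one of its rules (GenericRFI_BODY) from Block to Count.
resource "aws_wafv2_web_acl" "example" {
  name        = "example-acl"
  description = "WAFv2 ACL with one managed rule overridden"
  scope       = "REGIONAL" # CLOUDFRONT when attached to a CloudFront distribution

  default_action {
    allow {}
  }

  rule {
    name     = "AWSManagedRulesCommonRuleSet"
    priority = 1

    # Required for a managed rule group: keep the group's own per-rule actions.
    override_action {
      none {}
    }

    statement {
      managed_rule_group_statement {
        name        = "AWSManagedRulesCommonRuleSet"
        vendor_name = "AWS"

        # The request is still evaluated and labelled by GenericRFI_BODY, and still
        # appears in metrics and sampled requests, but this rule no longer blocks it.
        rule_action_override {
          name = "GenericRFI_BODY"
          action_to_use {
            count {}
          }
        }
      }
    }

    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "common-rule-set"
      sampled_requests_enabled   = true
    }
  }

  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "example-acl"
    sampled_requests_enabled   = true
  }
}
```

Older provider versions expressed the same thing as an `excluded_rule { name = "GenericRFI_BODY" }` block inside `managed_rule_group_statement`, which also puts the rule in Count mode. Counting rather than dropping the rule keeps its label on the request, so a later custom rule can still block when the URL in the body is not on your own domain, while the sampled requests show what the rule would have blocked.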
1 vote, 1 answer

Whitelisting a cross-tenant subnet in a storage account firewall in Azure

I want to access a storage account residing in an Azure AD tenant (say tenant ID T1) from a subnet (say S1) residing in another Azure AD tenant (say tenant ID T2). Using the Azure CLI I was able to add this existing vnet/subnet in Firewalls and virtual networks…
1 vote, 1 answer

I can't find a clear explanation of how WAF works with an Application Load Balancer regarding its architecture

Basically my question is: Based on what I've read, my impression was that the flow goes ALB -> WAF, not WAF -> ALB, since the ALB is the one listening on the public IP and you can't have a WAF without an ALB (unless you're doing it through…
1 vote, 2 answers

Need help decoding a cross site scripting javascript attack

Someone posted on Twitter (not sure if I can link it here) a cross site scripting bypass for Imperva Web Application Firewalls. Which looks as…
1 vote, 1 answer

How To Disable Azure WAF Mandatory rule?

{ "timeStamp": "2021-01-29T11:03:40+00:00", "resourceId": "/SUBSCRIPTIONS/0000000000-0000000-0000000-000/RESOURCEGROUPS/resourcegroup/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/WAF-GATEWAY", "operationName":…
Jerin Joy
1 vote, 1 answer

Use of a Web Application Firewall in front of an Azure Function App

I have a light-weight function running in an Azure Function App. The function connects to an API endpoint over the internet as illustrated in the following diagram. It will always be outbound connections only. My question is do I need to use a web…
atokpas
1 vote, 2 answers

WordPress and F5 WAF - Infinite loop due to SSL

I have a WordPress website on HTTPS and it was working fine without the implementation of the F5 WAF on the server. But as soon as the WAF is enabled, the website goes into an infinite loop. After debugging I found that WordPress is doing 301…
1 vote, 1 answer

Do I need a Web Application Firewall if my APIs are protected with OAuth?

I implemented a micro-service model and each API is protected using bearer token authentication... no service logic is executed unless a valid OAuth token is provided as part of the request header. What problem does using a Web Application Firewall…
1 vote, 0 answers

Nginx removes Content-Length header when acting as reverse proxy behind a WAF

I have Nginx 1.16.1 as a reverse proxy for JFrog Artifactory and they are reachable from external networks via a web application firewall. I am trying to get the Docker client working with this setup. It sends a HEAD request and awaits a…
Danny Lo