WAF

What is WAF?

A Web Application Firewall (WAF) monitors, filters, or blocks traffic to and from a web application. A WAF inspects every HTML, HTTPS, SOAP and XML-RPC data packet. Through customizable web security rules, it can prevent attacks such as cross-site scripting (XSS), SQL injection, session hijacking, and buffer overflows.

Enable WAF, including OWASP rules and definitions

  • Drupal Exclusion Rules Request

    These rules disable the OWASP Core Rule Set (CRS) on a set of well-known parameter fields that are often the source of CRS false positives or false alarms. This includes the session cookie, the password fields and article/node bodies.

  • WordPress Exclusion Rules Request

    These exclusions remedy false positives in a default WordPress install.

  • IP Reputation Request

    These rules deal with detecting traffic from IPs that have previously been involved in malicious activity, either on our local site or globally.

  • Method Enforcement Request

    This rule detects HTTP request method anomalies.

  • DDoS Protection Request

    These rules will attempt to detect some level 7 DoS (Denial of Service) attacks against your server.

  • Scanner Detection Request

    These rules concentrate on detecting security tools and scanners.

  • Protocol Enforcement Request

    These rules center on detecting requests that either violate HTTP or represent a request that no modern browser would generate, for instance one missing a User-Agent header.

  • Protocol Attack Request

    These rules focus on specific attacks against the HTTP protocol itself, such as HTTP Request Smuggling and Response Splitting.

  • Application Attack LFI Request

    These rules attempt to detect when a user is trying to include a file that is local to the web server and that they should not have access to. Exploiting this type of attack can lead to the web application or server being compromised.

  • Application Attack RFI Request

    These rules attempt to detect when a user is trying to include a remote resource into the web application that will be executed. Exploiting this type of attack can lead to the web application or server being compromised.

  • Application Attack RCE Request

    This rule detects Unix command injections and protects against Remote Code Execution.

  • Application Attack PHP Request

    This rule detects the PHP open tags "<?" and "<?php". It also detects the "[php]", "[/php]" and "[\php]" tags used by some applications to indicate PHP dynamic content.

  • Application Attack XSS Request

    These rules are intended to prevent all cross-site scripting (XSS) attacks in your CDN resources and the CDN Accelerator.

  • Application Attack SQLi Request

    These rules protect against common initial SQL injection attacks, where attackers insert quote characters into the existing normal payload to see how the database responds.

  • Application Attack Session Fixation Request

    These rules focus on providing protection against Session Fixation attacks.

  • Blocking Evaluation Request

    These rules provide the anomaly-based blocking for a given request.

  • Data Leakages Response

    These rules provide protection against data leakages that may occur generally.

  • Data Leakages SQL Response

    These rules provide protection against data leakages that may occur from backend SQL servers. Often these are indicative of SQL injection issues being present.

  • Data Leakages Java Response

    These rules provide protection against data leakages that may occur because of Java.

  • Data Leakages PHP Response

    These rules provide protection against data leakages that may occur because of PHP.

  • Data Leakages IIS Response

    These rules provide protection against data leakages that may occur because of Microsoft IIS.

  • Blocking Evaluation Response

    These rules provide the anomaly-based blocking for a given response.

  • Correlation Response

    These rules facilitate the gathering of data about successful and unsuccessful attacks on the server.
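
How the detection groups above feed the Blocking Evaluation group can be seen in a simplified model. This is an added example, not LightCDN's or the CRS project's code; the severity weights, the threshold, the allowed-method policy and all function names are assumptions modelled on the CRS default anomaly-scoring scheme.

```python
# Simplified model of CRS-style anomaly scoring (added example, not LightCDN or CRS code).
# Severity weights and the threshold are assumptions modelled on CRS defaults.
SEVERITY = {"critical": 5, "error": 4, "warning": 3, "notice": 2}
INBOUND_THRESHOLD = 5
ALLOWED_METHODS = {"GET", "HEAD", "POST", "OPTIONS"}  # assumed site policy


def method_enforcement(req):
    """Method Enforcement: flag methods outside the allowed policy."""
    if req["method"].upper() not in ALLOWED_METHODS:
        return [("method not allowed by policy", "critical")]
    return []


def protocol_enforcement(req):
    """Protocol Enforcement: flag requests no modern browser would send."""
    headers = {k.lower(): v for k, v in req["headers"].items()}
    findings = []
    if not headers.get("host"):
        findings.append(("missing Host header", "warning"))
    if not headers.get("user-agent"):
        findings.append(("missing User-Agent header", "notice"))
    return findings


def blocking_evaluation(req):
    """Blocking Evaluation: sum the scores and compare with the threshold."""
    findings = method_enforcement(req) + protocol_enforcement(req)
    score = sum(SEVERITY[sev] for _, sev in findings)
    return {"score": score, "blocked": score >= INBOUND_THRESHOLD,
            "findings": [msg for msg, _ in findings]}


# Constructed sample requests (not captured traffic)
SAMPLES = {
    "browser": {"method": "GET", "headers": {"Host": "example.com", "User-Agent": "Mozilla/5.0"}},
    "no_ua": {"method": "GET", "headers": {"Host": "example.com"}},
    "bare": {"method": "GET", "headers": {}},
    "trace": {"method": "TRACE", "headers": {"Host": "example.com", "User-Agent": "curl/8.0"}},
}

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        print(name, blocking_evaluation(req))
```

A single low-severity finding (the missing User-Agent alone) stays under the threshold, which is why enabling a detection group without the Blocking Evaluation group records anomalies but does not by itself decide whether a request is blocked.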

How to configure WAF

You can select Enable OWASP TOP THREADS in CDN Resources -> Safety Protection -> WAF, and then select the OWASP rules you want to enable.

LightCDN all rights reserved, powered by Gitbook. Updated Time: 2023-06-07 10:23:23
