{{ secondMenu.name }}
Web App Firewall is a set of protection policies to protect LAN Web servers from Web application attacks, including system command injections, SQL injections, and XSS attacks. It also allows configuration against data leakage of Web servers. See the figure below.
Default Template: Enable regular WEB protection (by default) and disable scanner block.
Default Template II (Scanner Blocker enabled for non-proxy access): Enable regular Web protection (by default) and Scanner Blocker.
Click Add to create a web app protection template, as shown in the figure below.
Template Name: Define the name of the template.
Description: Define the description of the template.
Network Secure Protection: Set up protection against server attacks.
Port: Specify the port of the protected server. This value is generally set to the server port. After setting, when the user accesses the server port, the system performs attack detection. For the HTTP port, you can also select Also protect HTTP access on other ports for auto-learning. See the figure below.
In Attack Type, click SQL Injection,XSS Attack,Trojan,Website Scan,WebShell,CSRF,OS Command. In the Select Attack Type dialog box, select attack types. The device will prevent attacks against this service type.
| Protection Type |
Note |
| SQL Injection |
By exploiting security vulnerabilities in design, attackers paste the SQL code to input boxes on web pages to obtain network resources or change data. |
| XSS Attack |
Short for cross-site scripting (XSS), XSS is a computer security vulnerability frequently seen in Web apps. It allows attackers to implant code into pages provided to other users. In the HTML code and client script, attackers can exploit XSS vulnerabilities to bypass access control and intercept data like accounts. |
| Trojan |
Trojan is an HTML web page wittily designed by hackers. When a user visits such a web page, the script embedded in it exploits the browser vulnerability to download and run the Trojan placed by the hacker on the browser. |
| Website Scan |
The structure and vulnerabilities of a website are scanned. |
| WebShell |
Also called the website backdoor Trojan, WebShell is a script tool for web intrusion and appears as an ASP, PHP, or JSP program page. After hacking a website, attackers usually place Trojans in the server's Web directory and mix it with normal web pages. Via WebShell, hackers can control the victim's website for a long time. |
| CSRF |
Cross-Site Request Forgery is an attack that attackers exploit trusted websites by disguising requests from trusted users. |
| OS Command Injection |
By exploiting server OS vulnerabilities, attackers transmit OS commands to the server via Web access to obtain network resources or change data. |
| File Inclusion |
It is a malicious attack against PHP websites. When PHP variables are not strictly filtered and unknown whether the parameter is from a local or remote host, a file on the remote host may be specified as a parameter and submitted to the variable pointing. If the submitted file contains a malicious code or even a Trojan, the code or Trojan in the file will be successfully executed with the Web's permission. |
| Path Traversal |
Attackers access restricted directories outside the Web server's root directory by adding "../" or variants to any directory of the Web server or special directories through a browser. |
| Information Disclosure |
This vulnerability is caused by an incorrect Web server configuration or its security vulnerability. As a result, system files or configuration files are exposed to the Internet and sensitive information of the Web server is prone to leakage, including username, password, source code, server information, and configuration information. |
| Website vulnerabilities |
It provides safe, reliable, and high-quality protection for specific vulnerabilities in well-known whole-site Web systems. |
| WebShell Backdoor |
Having known a web system vulnerability, attackers may use it to implant a WebShell page into the Web system, and access the database through the WebShell page. In doing so, they can execute system commands to control the Web system for a long time. |
| Custom WAF Signature |
The user can customize the protection rules for server protection in Custom Rules. |
Table 21:Description of Web App Protection Types
Protection features: The main functions are Application Hiding, Password Protection, Privilege Control, HTTP Request Anomaly, and Scanner Blocker. To enable advanced protection features, click Advanced for settings.
{{ $t('index.defaultHeader.chromeBrowserTip') }}