We are very excited to announce next generation behavioral Web Application Firewall (WAF) technology integrated with our Pull Zones. It is an online security solution that filters out bad HTTP traffic between a client and web application by which it quarantines and filters malicious traffic reducing the impact on end-users and revenue. Unlike the traditional security solutions like network firewall, the Web application firewalls provide an effective solution for detecting the threats by examining incoming HTTP requests before they even reach the server. The WAF detects and block malicious attacks woven into safe-looking website traffic that may have slipped through the traditional security solutions.
To Implement WAF and filter your traffic for your Pull Zone please follow the below procedure.
- Go to Zones > HTTP Pull Zone > Click on the Manage button for the appropriate Zone.
- Please make sure to disable Origin Shield before enabling WAF. To do this go to Origin Shield section under the Pull and keep it unchecked and save it.
Now go to WAF > Settings > select WAF is Enabled from the drop down menu and click Update.
The above steps will enable WAF for your selected pull zone and now you need to Implement the Required Policy and Ruleset. By default Application DDoS Protection will be active for Pull Zone once you have enabled WAF for it. We have additional policies which may be used as per custom requirements. For example, if you need additional CSRF attacks protection you can enable it by going to the Policy options available under WAF and select CSRF protection and enable it by clicking on the button near to Block CSRF Attacks. To filter your Traffic in your own custom way you need to create custom WAF RULEs using the option RULES available under WAF section. RULES are basically made by integrating the conditions set by the user with the appropriate Actions. To create a new Ruleset click on Rules > Add New Rule. In the redirected page provide the required Rule Name that you want to monitor.