Chapter 9: Web Application Firewall
You use web application firewall policies to scan HTTP requests and responses against known attack signatures and methods, and to filter matching traffic. This section includes the following topics:
- Web application firewall basics
- Web application firewall configuration overview
- Configuring an OWASP TOP10 profile
- Configuring a WAF Profile
- Configuring WAF Action objects
- Configuring WAF Exception objects
- Configuring a Web Attack Signature policy
- Using the Signature Creation Wizard
- Configuring a URL Protection policy
- Configuring an Advanced Protection policy
- Configuring an HTTP Protocol Constraint policy
- Configuring CSRF protection
- Configuring brute force attack detection
- Configuring an SQL/XSS Injection Detection policy
- Configuring a Bot Detection policy
- Configuring a Cookie Security policy
- Configuring sensitive data protection
- Configuring Cross-Origin Resource Sharing (CORS) protection
- Configuring XML Detection
- Configuring JSON detection
- Importing XML schema
- Uploading WSDL files
- Configuring Input Validation
- Web Vulnerability Scanner
- Web Anti-Defacement