Wizards
Wizards (assistants) guide you step by step through the most important configuration tasks. Some wizards act at the global level, but most act at the application level.
Global Wizards
The following wizards are available globally:
-
Assists you in setting up new applications step by step.
-
The wizard guides you through the process of setting up IP blacklisting, which provides a means to temporarily block all traffic for specific IP addresses or ranges of IP addresses. The wizard configures both global and application level settings.
Wizards on application level
Note that not all settings available in vWAF can be made using wizards. For special settings you can configure the relevant handlers manually (see Editing Handlers and Handlers).
The settings made via a wizard always apply to an entire application; that is, they relate to all paths that might be defined. Information on opening and using the wizards can be found under Using Wizards to Configure Applications.
If you want to view the changes that a wizard has made to your security configuration on the level of the individual handlers, you can follow these in the change log (see Reviewing and Discarding Ruleset Changes).
The following wizards are available on application level:
-
Configures vWAF so that it detects links from external websites to your own web application. When a maximum number of requests occurs on a page, vWAF blocks access or diverts to a particular page, which can be used, for example, to display an appropriate warning.
-
A simple method for automatically blocking undesirable programs that access a web application. The check is carried out via the User-Agent field in the HTTP header.
vWAF denies undesirable user agents with HTTP status code 403 (Forbidden).
-
Provides your web application with comprehensive general protection, based on blacklisting of known vulnerabilities and attacks. This gives you instant security with the click of a button.
-
Creates rules according to a vulnerability report generated by the CodeProfiler application security analyzer from Virtual Forge.
-
Configures vWAF so that it denies queries with an undesirable HTTP referer header. In addition, the first query in an HTTP session may only be sent to specific “entry point” pages; otherwise vWAF responds with an HTTP redirect to the start page of your web application.
-
The wizard guides you through the process of setting up IP blacklisting, which provides a means to temporarily block all traffic for specific IP addresses or ranges of IP addresses. The wizard configures both global and application level settings.
-
Creates a basic configuration especially for the web application Microsoft Outlook Web Access.
-
If, despite all the precautionary measures, an attack on your web application does succeed, the Payment Card Industry Wizard prevents credit card numbers from reaching the outside world. To do this, the wizard configures vWAF so that it continually searches all responses from the server for credit card numbers and makes them unreadable.
-
Response Header Security Wizard
Configures vWAF response header security options to improve client-side security. These options help prevent attacks such as malicious code embedded in frames, cross-site scripting, and attacks based on browser MIME-type vulnerabilities.
-
Configures vWAF so that it establishes a separate, secure session between the web server and the client. In the process, a cryptographically secure session ID is transferred into a cookie. vWAF also saves all other cookies of the web application and re-inserts them for the next request, so these cookies can no longer be manipulated by an attacker.
-
Imports vulnerability data identified by the Sentinel Scanner from WhiteHat Security Inc. and creates a set of blacklist rules based on the vulnerabilities listed in the report.
-
Automatically creates custom security configuration rules for your specific web application.
-
Vulnerability description Import Wizard
Automatically reads the report of a source code analyzing tool and creates a set of blacklist rules based on the vulnerable entry points and variables listed in that report.