Application Virtualization Handler

Purpose

The Application Virtualization Handler replaces one host name with another in requests.

In addition, the Application Virtualization Handler can also replace the host name in responses if a response conforms to a specified content type.

For more information regarding adding and editing Handlers, see Editing Handlers.

Severity

Events triggered by this handler are given the severity: low. (For details on severity levels, see Severity of Events Triggered by Handlers.

Recommendations for Use

Use the Application Virtualization Handler when your web application is being moved to a new domain (new host name), but the web application uses permanently programmed paths, for example. You don’t then need to reprogram your web application.

By replacing a host name in the response, you can conceal which server a response is coming from.

Attributes

Attribute	Meaning
rewrite response-content types	This feature is ignored in detection mode. If the Application Virtualization Handler is active, vWAF always replaces the host name in requests, but only in the responses to these requests if these have a specific Content Type (Internet Media Type, MIME Type). Specify the content types for which the replacement is to be made in the response. Examples: `text/html` HTML files (.htm, .html, .shtml) `text/plain` pure text files (.txt)
rewrite hostname	In each of the left-hand columns, enter the host name to be used and seen by the user. In the right-hand column, enter the host name that vWAF is to forward to the web application instead.
usertext	Optional: Here you can specify some text that vWAF adds to the log file entries created by this handler. You can use this, for example, to document why you’ve added the handler to your configuration, and how the handler is intended to behave.
enable logging	Disable this option if you do not want vWAF to create a log file entry when the handler is executed. This can be useful to keep log files smaller in case the handler creates a large number of entries but you don’t need these entries. When in detection mode, disabling logging de facto makes the handler ineffective. Disabling logging also prevents the actions of the handler from being taken into account for the Top-10 lists in Attack Analysis, and from being listed in Reports. To decrease the size of the log files, also consider to enable reduced logging, which excludes all non-handler-related information from the log files (see Editing Applications).