Time Period Handler

Purpose

The Time Period Handler can be used to restrict the access to your web application or to parts of your web application based on day of the week and time. Outside these permitted times, vWAF denies requests with a configurable HTTP error code.

For more information regarding adding and editing Handlers, see Editing Handlers.

Severity

Events triggered by this handler are given the severity: low. (For details on severity levels, see Severity of Events Triggered by Handlers).

Recommendations for use

Use the Time Period Handler to permit the use of specific functions in your web application only during standard business hours, for example.

Attributes

Attribute Meaning

valid time

List of time intervals during which vWAF permits access to your web application.

The decisive factor here is the local system time on the server. The individual time intervals can also overlap. You can also specify multiple time intervals for a day. vWAF permits access once the system time is in at least one of the specified time intervals.

This specification is made line by line in the sequence: Day of the week, start time, end time. Select the relevant day of the week and the time intervals from the selection lists displayed.

error code

HTTP error code that vWAF returns when access is made outside the time intervals specified under valid time.

(For an overview of possible error codes, see HTTP Error Codes.)

usertext

Optional:

Here you can specify some text that vWAF adds to the log file entries created by this handler. You can use this, for example, to document why you've added the handler to your configuration, and how the handler is intended to behave.

enable logging

Disable this option if you do not want vWAF to create a log file entry when the handler is executed. This can be useful to keep log files smaller in case the handler creates a large number of entries but you don't need these entries.

When in detection mode, disabling logging de facto makes the handler ineffective. Disabling logging also prevents the actions of the handler from being taken into account for the Top-10 lists in Attack Analysis, and from being listed in Reports. To decrease the size of the log files, also consider to enable reduced logging, which excludes all non-handler-related information from the log files (see Editing Applications).

For details regarding entries added to the log file by this handler, see the relevant section in Entries in Application-Specific Log Files.