WAF (Web Application Firewall) is a security system designed to protect web applications from known vulnerabilities and zero-day threats. WAF in UserGate is used to filter application traffic at the application layer of the TCP/IP model. By passing traffic through a reverse proxy and analyzing incoming and outgoing HTTP/HTTPS traffic, WAF blocks potentially malicious requests and provides increased security for web applications.
If UserGate WAF finds malicious code patterns or other features noted in security signatures in the traffic, the traffic can be blocked and the event is saved in the log.
To configure UserGate WAF, follow these steps:
-
Active license, WAF functionality is displayed in the web interface.
-
System WAF rules are a set of UserGate policy language (UPL) rules. These rules are grouped into System WAF layers.
-
Personal WAF layers are layers with custom sets of UPL rules. Users can create groups with their own UPL rules.
-
WAF profiles are responsible for creating and editing sets of layers with UPL rules. A profile can use both personal layers with user rules and system layers containing system rules.
-
In reverse proxy rules, a new WAF tab has been added to the create/edit rules dialog. In this section, you can select a pre-configured WAF profile that will be used in the reverse proxy rule.