How can I manage my Web Application Firewall (WAF)?

Of course we want to make the use of our web hosting as easy and comfortable as possible, taking into account the best security for our customers.

For this reason, every website is always marked with a s.g. Web application firewall protected.

With the web application firewall, also known as WAF for short, we recognize attacks (e.g. SQL injections and cross-site scripting) and fend them off before they reach your website. To do this, every access to your website is compared with a set of rules. If the verification fails, the event is logged and access is blocked with an error code. You can call up the respective log under "Actions" in your web hosting panel.

A WAF examines all requests sent to a web server and their responses. If the firewall recognizes suspicious or dangerous patterns, it blocks further communication of the respective client or entire data streams. Among other things, the firewall analyzes the received input parameters for the form fields of the web application and blocks parameters that do not correspond to the defined specifications.

Log in to the CloudPit

To log into CloudPit, go to https://cloudpit.easyname.com.

Navigate to your web hosting settings

From the list, select the desired hosting whose management options you want to switch to. Click on "Manage" in the right column.

You are now in the overview of your web hosting. Here you manage the tariff, database settings, FTP access, PHP and firewall settings for your domains.

The Web Application Firewall is located in the left menu under the Security category.

How to change firewall settings for your domain

In the menu on the left, click on "Security" and then "Website Firewall (WAF)". You will see below a list of all domain names in your hosting and you can choose from three options for your firewall for each domain.

Option: FIREWALL ON

Accesses to your website are compared with a set of rules. If the verification fails, the event is logged and access is blocked with an error code. You can call up the respective log under "Actions".

Option: DETECT ONLY

Accesses to your website are compared with a set of rules. If the check is negative, the result is only logged, but no further action is taken. You can call up the respective log under "Actions".

Option: FIREWALL OFF

No protection - incoming traffic to your website is not checked.

Commentaires sur l'article: