-
URL/URI Exemption for DDOS for false positive traffic
Would like to request if URL/URI exemption can be excluded in DDOS scanning? So that specific URL/URI path will not be terminated by DDOS protection but still other URL/URI path of the website can be protected. Currently we have client wherein...0
-
Add an header value criteria in WAF Exclusion Rules
Sometimes is useful to exclude WAF processing for some headers value (e.g. based on Content-Type value) to avoid false positives. Today the exclusions rule filter doesn't include headers or headers value. This is now achiavable using routes, but i...6 Will not implement
-
Disable weak ciphers in Customer Edges
Hi, Our security team is reporting the CEs allow connections on weak ciphers. Negotiated with the following insecure cipher suites: * TLS 1.2 ciphers: * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA0
-
Install Private CA cert on Customer Edges
Hi, Our security team would like us to install certs from our Private CA on the Customer Edges. The cert provided by the CEs are expired and untrusted. -
RFE: Add option to strip Server header
I would like to submit a RFE (enhancement request) to allow an additional option to Server Response Header setting when creating HTTP/HTTPS LB: Request to add an option for “Remove” or “Strip” to entirely remove any Server header set by the origin...
0
-
Send Request and Response Payloads in the Global Log Receiver's Request Logs
Add the payloads of both the request and response when sending request logs to a global log receiver, there is already a key for each of them (req_body and rsp_body)0
-
Auto-Mitigation feature of CSD
WAAP's CSD(Client-Side Defense) can detect web skimming threats, but it doesn't automatically mitigate them. Users need to regularly check the console and set up mitigation manually if issues arise. But with AWAF Ver. 17.1.0's CSD profile, mitigat...0
-
add a time of day attributed to rate limits
Most applications expect higher volumes during the day and lower volumes over night. Being able to set rate limits for specific times of day will avoid false positives that occur when you try to set a limit that works for the whole day and will al...0
-
Support a new action for malicious user mitigation methods
We currently support CAPTCHA, Block and JS challenge. If we can support 'Header Inserion' as a new action for the malicious user detection feature, customers can consume that the suspicion score in other security devices.
2
-
Script Name Ambiguity
Creating this stemming from Request 354829. Please add functionality to provide additional context around scripts. Scripts are not able to be managed effectively and/or proactively block access to sensitive fields when generic script names are pro...4