NSFOCUS WAF obtains IP Reputation Data Feed from NSFOCUS Threat Intelligence (NTI). NSFOCUS WAF IP Reputation can get the list of IP addresses that have earned a negative reputation through involvement in suspicious activity, including phishing attacks, spam, botnets, DDoS attacks, APT attacks, and more. NSFOCUS WAF will filter high-risk IP addresses from IP Reputation […]
NSFOCUS WAF secures data transmission by restricting domain names, URLs, and request methods, and it can improve transmission security by converting ordinary HTTP requests into HTTPS requests forcibly. Configuration precondition: Configure HTTP and HTTPS sites and ensure that both HTTP and HTTPS sites can be accessed. Configuration method: Step 1: Click Security Management > Website […]
Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to […]
The early SSLv2 was designed based on the classic public key infrastructure. By default, a server or an IP address could provide only one service so that the server could know which certificate to serve during the SSL handshake. The widespread use of virtual hosts leads to the situation where multiple domain names are mapped […]
HTTP access control policies can prevent websites from unauthorized and malicious access by controlling over HTTP requests that protected resources respond to. NSFOCUS WAF inspects requests and takes actions when a request matches any of policies you specified. Multiple policies can be applied to a single website and evaluated in top-down order. Once a packet […]
With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]
NSFOCUS WAF supports five actions for a specific protection policy. Take HTTP access control as an example. You can specify one of the following actions as required: Pass: Indicates that if an access request matches corresponding parameter settings, NSFOCUS WAF directly forwards it to the destination server without any more security inspections. Accept: Indicates that […]
In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session. Test […]