The early SSLv2 was designed based on the classic public key infrastructure. By default, a server or an IP address could provide only one service so that the server could know which certificate to serve during the SSL handshake. The widespread use of virtual hosts leads to the situation where multiple domain names are mapped […]
HTTP access control policies can prevent websites from unauthorized and malicious access by controlling over HTTP requests that protected resources respond to. NSFOCUS WAF inspects requests and takes actions when a request matches any of policies you specified. Multiple policies can be applied to a single website and evaluated in top-down order. Once a packet […]
With the increasing scale of SSL traffic, its disadvantages are becoming more and more obvious. In HTTPS communication, the client needs to start an SSL handshake with the server after the TCP handshake, which may cause SSL delay. In addition, the web server needs to encrypt and decrypt the data in transit, so the SSL […]
NSFOCUS WAF supports five actions for a specific protection policy. Take HTTP access control as an example. You can specify one of the following actions as required: Pass: Indicates that if an access request matches corresponding parameter settings, NSFOCUS WAF directly forwards it to the destination server without any more security inspections. Accept: Indicates that […]
In the reverse proxy mode, NSFOCUS WAF preserves the real source IP address in the X-forwarded-for header. In this mode, since the destination for clients is the WAF, the WAF will record the real client IP address in this request header and forward the header to the server, which helps keep the entire session. Test […]