NSFOCUS WAF supports multiple running modes. You can modify the running mode based on the network topology. Deployment Topology Deployment Topology can be set to In-Path, Out-of-Path, Reverse Proxy, Mirroring or Plugin-enabled. Mode Configuration Mode Configuration can be set to one of the following values (modes vary with deployment topologies): Emergency Mode After entering the […]

Exception policies are supplements or restrictions to configured basic or advanced protection policies. On the Exception Policy page, you can create, edit, delete, and duplicate exception policies. You can also create and edit exception policies on the Website Protection page. Configuration procedure: Choose Security Management > Policy Management > Exception Policy, click Create in the […]

In the versions before 6.0.7.3.61634, after users upgrade the NSFOCUS WAF Rule Database, they have to add the new rules one by one to the website’s policy based on the rule name or the rule number manually to apply the new policies. To improve user experience, the NSFOCUS WAF version 6.0.7.3.61634 has optimized this functionality. […]

Logging events is a critical aspect of software development. While there are lots of frameworks available in Java ecosystem, Log4j has been the most popular for decades, due to the flexibility and simplicity it provides. Apache Log4j is part of the Apache Logging Services, a project of the Apache Software Foundation. Log4j 2 is a […]

This article describes how to configure security policies on NSFOCUS WAF for protection against some common SSL vulnerabilities. TLS Client-initiated Renegotiation Support on the Server – CVE-2011-1473 This vulnerability exists during SSL renegotiation, and services that use the SSL renegotiation function will be impacted. Although it is currently possible to use HTTPS without enabling the […]