Using The Web Application Firewall


#1

Web Application Firewall

The WAF (Web Application Firewall) is a security tool created to scan incoming packets and requests to your site, which it will then deny the connection if there is some suspicious about the request or connection.

To update your Web Application Firewall settings, please follow the steps below:

  1. Login to your WCP Control Panel

    Note: You can view our topic on logging into WCP if you need help with this step.


  2. Next, select the appropriate domain name from the “Hosted Domains” drop-down menu.


Enable Web Application Firewall For A Domain

Enabling this feature is quick and easy. Just follow these steps to enable the Web Application firewall for your domain:

  1. Once WCP has loaded the desired domain, navigate to the “Security” category and select the “Web Application Firewall” button.

    WCP_DomainControlPanel_Security_Web_Application_Firewall_Button

  2. After selecting “Web Application Firewall” button, you are presented with a list of the available domains which can have the Web Application Firewall enabled for them.

  3. When you have located the desired domain or subdomain, select the “Configuration” button to the right of that domain name.

  4. You are now presented dialog box for that domain’s Web Application Firewall status. Simply use the drop-down menu to select the “Enabled” option.


  5. Once the drop-down option is set as desired, select the green “Save Settings” button to activate the changes.

    Note: You can activate the “Inspect Post Body” by selecting the checkbox. This will allow the WAF to further inspect the POST request coming into the site to block potentially malicious POST requests.

Disable Web Application Firewall For A Domain

Disabling the Web Application Firewall can sometimes be necessary when troubleshooting or debugging faulty code or improper site behavior. You can quickly disable your WAF by following these steps:

  1. Once WCP has loaded the desired domain, navigate to the “Security” category and select the “Web Application Firewall” button.

    WCP_DomainControlPanel_Security_Web_Application_Firewall_Button

  2. After selecting “Web Application Firewall” button, you are presented with a list of the available domains which can have the Web Application Firewall enabled for them.

  3. When you have located the desired domain or subdomain, select the “Configuration” button to the right of that domain name.

  4. You are now presented dialog box for that domain’s Web Application Firewall status. Simply use the drop-down menu to select the “Disable” option.

  5. Once the drop-down option is set as desired, select the green “Save Settings” button to implement the changes.

The WAF’s security processes will run in the background. These processes cannot be influenced further than to enable or disable them. Think of it like a WCP based “Mod Security Application”

That’s it! Your site’s WAF settings have now been modified your desired status. That concludes this tutorial regarding the Web Application Firewall utility in the WCP Control Panel.