ASL WAF
Contents |
Introduction
Configuration
The ASL WAF is initially configured during the install of ASL.
Once ASL is installed, you can configure the WAF through three parts of the ASL GUI:
WAF Tab
This tab is used to setup the WAF. There are three types of WAF you can configure:
embedded
The embedded WAF is an apache module that is installed on any local Apache installations. This should be setup by default, if you are running apache on the system.
local
This type of WAF is used to protect any local HTTP and/or HTTPS services that may be running on the system itself, where the embedded WAF module can not be used. For example, if the system was running a tomcat or litespeed, which do not support the WAF embedded WAF module. You can configure a WAF to protect these services.
To setup a local WAF simply
remote
This type of WAF is used to protect any remote HTTP and/or HTTPS services that are not running on the system itself. For example, if you have a remote webserver you wish to protect, you can configure a WAF to protect these services.
To setup a remote WAF simply
ASL Configuration Settings
Rule Manager
The Rule manager can be used to configure individual WAF rules, such as what response the system such take for that rule, if an email or GUI alert should be presented, and so on. The following are the options you can use for each rule: