Last updated on: 2023-05-31 20:07:09.

Lab 4 - Add WAAP protection

../../../_images/lab4-archi.png

Create a WAAP policy

  • In App Firewall menu, create a new App Firewall objects
  • Configure it as you want :) This is not new for you, so enable the settings your want (default or custom), but keep the policy in Blocking mode
../../../_images/waf-policy.png

Assign the WAAP policy to your Distributed Load Balancer

  • Assign this new WAAP policy onto your Distributed Load Balancer

    ../../../_images/waf-lb.png

  • Test your App by sending Attacks and Bot requests

Note

Attack example. Add this string in the URI ?a=<script>alert(‘pwned’)</script>

Note

Bot example. Use curl curl --user-agent "Download Ninja2" http://sentence.volt-staging.emea.f5se.com

  • Check your Security Monitoring dashboard

    ../../../_images/security-event.png