WAF Management

Add or Edit WAF Policy

Add or Edit WAF Policy

Typical Check Points

Example: http://www.yourdomain.com/blog/show.php?id=1&category=2

URLPath: /blog/show.php
URLQuery: id=1&category=2
GetPostKey: [id, category]
GetPostValue: [1, 2]

GetPostKey, GetPostValue used for both GET and POST method
If you want to check url values only ( GET Only ), please select URLQuery .

Regular Expression

Janusec Application Gateway adopts Google RE2 Regular Expression . In order to simplify configuration, Janusec Application Gateway will preprocess the values to be detected. Typically, remove ' and " , replace /**/ by white space etc. Example:

Regex:

(?i)\s+(and|or)\s+[\w\p{L}]+=[\w\p{L}]+$

will cover these values:

1' aNd '1'='1
abc' oR "abc"="abc
1'/**/And/**/'a'='a

Note:

p{L} used for unicode character.

Action

Block

Block Information of Janusec Application Gateway

CAPTCHA

Usually used for CC attacks or frequently requests.

Captcha of Janusec Application Gateway

©JANUSEC All Rights Reserved.      Contact: support#janusec.com    QQ Group: 776900157