Skip to main content
Version: v7

KB-9013

How to configure WAF CE when it is running on the application server?

Problem statement

User wants to use Haltdos WAF CE while being installed on application server.

Solution

In Haltdos WAF CE, Users can install the solution on the same server on which application is handling the requests. In order to make a proper flow, user need to follow below-mentioned steps;

  1. In the first step users need to install the Haltdos Community WAF, Users can follow our guided document to install the Haltdos WAF CE. Doc - link

  2. Post installation, users need to log in to the Haltdos WAF CE Web UI console using below-mentioned URL.

(https://<\managementIP>:9000)

Note

User can log in first time with credential which they have set at the time of registering the license.

  1. In order to achieve the desired outcome, user need to add listening port on Haltdos WAF (like 80 or 443) so that all the requests coming from clients are first serve by the WAF CE solution.

  1. Post WAF inspection, user requests need to be forward to the backend application which is hosted on the same server. To achieve this outcome, we need to make two changes in our configuration:

a. User need to change the backend server listening port (other than 80 or 443, example 8443) in the backend application code.

b. Now, post WAF security inspection, user need forward the requests to the backend server which is hosted in the same machine but on different port number. So user need to go to following path: Home > WAF > server Farm > Servers and change the backend server IP to 127.0.0.1 and port to the application listening port (which we have changed in last step)

In this way, we can achieve the required outcome. The flow of request will be mentioned below;

  1. User request will first come on server IP with WAF listening port numbers,

  2. Post WAF security inspection, user request will be forwarded to localhost with the port number mentioned in server farm.

  3. The application will listen the user request and respond back to the local host machine.

  4. WAF CE solution will forward the request back to the user's machine.

In this way, we can configure the Haltdos WAF CE solution in the same application server.