Skip to main content
Version: v7

KB-9017

How to perform the DNS level changes to forward application traffic to Haltdos Community WAF?

Problem Statement

Haltdos Community edition is a free web application firewall edition which protects our application from various types of attacks as well as provide us opportunity to detailed traffic analytics with many other features.

Post completing the installation process users need to configure the application using web console using below URL syntax: https://(WAF IP):9000

Post adding the application users want to forward the application traffic to the Haltdos community WAF so that it start handling the traffic and mitigate malicious requests.

Solution

For solution, we need to understand how Haltdos community WAF is protecting our websites. Haltdos c. WAF is a reverse proxy solution which resides between the client and the server. All the clients will request on the WAF on their IP with port 80 or 443. Users are allowed to change or reconfigure these listening ports.

These listening ports are designed to handle data plane traffic coming from the clients. Users can use this document to change or customize the default (80 & 443) ports.

Post listening the traffic, Haltdos C. WAF will perform all the mitigations and then forwards the user request to the backend server. We can configure backend server and their respective ports under the Server Group option.

To forward the traffic we can do local host file entry to check whether the WAF is configured correctly or not.

Steps:

  1. Post installation of Haltdos community WAF, we can configure our application.

We can configure the domain under the operational settings.

Now, we can configure our backend server details under Server Farm.

  1. In the second step, we need to verify that WAF is able to handle the user request.

a. Users need to make a local host entry into their system for verification.

  • For Linux users: Users need to change in "/etc/hosts" file and create a local host entry as mentioned below.

After the changes, for verification we can use following command to check our local DNS binding.

  • For Windows users: Users need to make changes in "c:\Windows\System32\Drivers\etc\hosts"

Once we are done with verification command and getting local WAF IP, we can go to web browser and verify that we are getting response from the WAF.

If we are able to get response of our website from the WAF IP, now we can forward the all the data traffic to the Haltdos community WAF.

In this way users can configure the data plane IP in Haltdos community WAF and forward the traffic to WAF.