KB: 1051
How to make form rule to offers a positive security model for Application Firewall?
Problem Statement
Client want to Form Validation offers a positive security model of Application Firewall and allows enforcing specific values or a range of values for various form fields of a web application form.
Solution
Steps to Solve:-
The user can make use of Haltdos WAF form rule features.
- Login into Haltdos console.
- Go to Apps > WAF > Listener > Profile > Profile default setting > Profile Rule > Form Rule > Add Rule > Save changes.
- Open the listener in the browser.
As we can see that from above picture the request has been blocked because we specify values or a range of values for various form fields of a web application form also we have to check the incidents to know about the detailed information of blocked request.
- Go to Apps > WAF > Incidents.
As we can see that from above picture the content size is 145 and in form rule we configure the rule details by following values
Request validation = Maximum Body Length
Value = 2 , but here we set the maximum content size by 2 that is the reason the request gets blocked. In this way we can achieve form rule.