Skip to main content
Version: v8

KB: 1072

What are the baseline security approaches for an application onboarded on Haltdos WAF

Security baseline approaches a client can follow post onboarding the application: -

  1. Maximum HTTP Body Size- It specifies the maximum allowed HTTP body size from a single client IP. By default, Haltdos WAF has a maximum body size limit of 10 MB, which users can configure according to their application requirements.

    Reference- (Operational Settings)[https://docs.haltdos.com/enterprise/waf/listener/Setting/operational]

  2. End-to-End Encryption- The SSL certificate ensures that all data transmitted between users and the application is encrypted. This protects sensitive information from being intercepted or tampered with during transit.

    Reference- (SSL Management)[https://docs.haltdos.com/enterprise/waf/listener/ssl_management]

  3. Tuning Security Profiles- During the application onboarding phase, Haltdos WAF operates in RECORD mode, where it observes traffic and identifies false positives and negatives. This process helps in fine-tuning security policies to match the specific needs of the application. Users can decide how long the application will remain in RECORD mode, and after fine-tuning all false positives,the application can be moved to MITIGATION mode.

    Reference- (Security Profile Settings)[https://docs.haltdos.com/enterprise/waf/listener/profiles/settings]

  4. Web Policies- This specifies the web policies for the application, including allowed HTTP methods, restricted extensions, restricted file uploads, and more. Users can configure these policies according to the application's requirements.

    Reference- (Web Policy)[https://docs.haltdos.com/enterprise/waf/listener/profiles/policy/web_policy]

  5. Signatures- Signatures contain rules that are evaluated for each request that passes through Haltdos WAF. The rules offer protection from many different types of attacks for Web Service/API including OWASP top 10 and can help users specify the behavior for their application. These signatures should be in PROD mode after application onboarding.

    Reference- (Attack Signatures)[https://docs.haltdos.com/enterprise/waf/listener/profiles/signatures]

  6. Caching and Compression- When caching is enabled, WAF saves responses in a directory and uses them to respond to clients without having to proxy requests for the same content every time. Haltdos WAF provides you with the ability to compress or decompress the responses which often significantly reduces the size of transmitted data and increases performance.

    Reference-
    (Caching)[https://docs.haltdos.com/enterprise/waf/listener/loadBalancing/caching] and (Compression)[https://docs.haltdos.com/enterprise/waf/listener/loadBalancing/compression]