KB: 1051
How to make form rule to offers a positive security model for Application Firewall ?
Problem Statement
Client want to Form Validation offers a positive security model of Application Firewall and allows enforcing specific values or a range of values for various form fields of a web application form.
Solution
The user can make use of Haltdos WAF form rule features.
1.First, log into the haltdos management console
2.Go to Stacks > WAF > Listener > Profile > Profile default setting > Profile Rule > Form Rule > Add Rule > Save changes
- Open the listener in the browser.
As we can see that from above picture the request has been blocked because we specify values or a range of values for various form fields of a web application form also we have to check the incidents to know about the detailed information of blocked request.
- Go to Stacks > WAF > Incidents
As we can see that from above picture the content size is 145 and in form rule we configure the rule details by following values
Request validation = Maximum Body Length
Value = 2 , but here we set the maximum content size by 2 that is the reason the request gets blocked.In this way we can achieve form rule.