Skip to main content
Version: v6

KB: 1059

How to prevent Cross-site Request Forgery through Haltdos WAF?

Problem Statement

Client wants prevent their sites by Cross-site Request Forgery attack.

SOLUTION

The client can achieve the above requirement by configuring settings to prevent CSRF on Haltdos console.

  1. First, log into the haltdos management console.

kb-1059

2.Go to Stacks > WAF > Listener > Advance Bot > Configure settings for CSRF > Save Changes.

kb-1059

3.Go to Stacks > WAF > Listener > Profile > Profile default setting > Policy > Web Policy > Enable CSRF toggle > Save changes

kb-1059

By configuring above CSRF settings client can protect their sites from CSRF attack.