Web Application Firewall (WAF)
A Web Application Firewall is enabled by default on all your environments. It allows you to monitor activity on your web application and block malicious attacks.
The Artifakt WAF offers several types of protections for your web application:
Prevents attacks caused by HTTP, UDP, TCP and QUIC floods.
OWASP Core Ruleset provides protection against common attack categories, including SQL Injection, Web trojans and Cross-Site Scripting.
Prevents well known malicious or bad bots to crawl your website.
Custom Firewall rules designed to provide fast and performant protection for your web applications such as Magento, Drupal or Wordpress.
The WAF is enabled by default on all your environments and cannot be disabled.
In order to determine the behavior to be applied to the traffic, a score is automatically applied to each request according to their nature, origin, type of traffic. As this score exceeds the vigilance threshold, 3 different types of WAF actions can be triggered:
The request has triggered a Firewall rule or we know for sure the request is a malicious attack. Artifakt WAF blocks this request.
The request demonstrated previous suspicious activity online or we don't know for sure the request is malicious. Artifakt WAF displays a CAPTCHA.
The request is not suspicious enough to trigger a verification mechanism, but potentially deserves your attention. Artifakt WAF logs the request.
Sometimes, the automatic classification may be wrong, and a legitimate request could be blocked incorrectly. This is what we call a false positive.
If you think this is happening for one of your environments or if you see the page below while browsing your web application, please contact our Support team and give them the Ray ID displayed at the bottom of the page. Exceptions can be added to prevent this behavior from happening again in the future.
WAF Blocking Page
To access data and logs returned by the WAF, navigate to Environment → Monitoring → WAF.
The data could be filtered by:
- Time frame
- Type (Block, Challenge ou Log)
- IP Address
The graph as well as the table of events will automatically update according to the filters selected.